geopandas
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill provides instructions to install reputable geospatial libraries (geopandas, folium, pyarrow, etc.) from standard Python package repositories using `uv pip`. No suspicious third-party packages or piped remote scripts were detected.
- [DATA_EXPOSURE] (SAFE): No sensitive file paths (e.g., .ssh, .aws) are accessed. Database connection strings and URLs used in examples are clearly marked with placeholders (e.g., 'user:password' and 'example.com').
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill enables reading geospatial data from external sources, which is its primary purpose. While this introduces an ingestion surface, it is a standard feature of the library and no malicious exploitation patterns were found.
  - Ingestion points: `read_file`, `read_postgis`, `read_parquet`, and `read_feather` in `references/data-io.md`.
  - Boundary markers: Not applicable for standard data processing workflows.
  - Capability inventory: File system write access (`to_file`) and database write access (`to_postgis`).
  - Sanitization: N/A; standard library behavior is maintained.
Audit Metadata