geospatial-data-pipeline
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill configuration requests broad shell access through the Bash tool with wildcards for npm, gdal, and postgres commands. This allows the agent to install software, manage database instances, and execute GIS utilities on the system.
- [EXTERNAL_DOWNLOADS]: Educational content and scripts recommend installing various third-party geospatial packages (e.g., @mapbox/geojson-precision, tippecanoe, topojson) via NPM. While these are reputable packages from well-known services, they constitute runtime external dependencies.
- [PROMPT_INJECTION]: The skill processes external geospatial data files, which serve as an ingestion point for untrusted content.
  - Ingestion points: The geospatial_processor.ts and tile_generator.ts scripts read GeoJSON and GPS track data from local files.
  - Boundary markers: No delimiters or safety instructions are used to separate data from instructions during processing.
  - Capability inventory: The agent has access to the Read, Write, Edit, and Bash tools.
  - Sanitization: The scripts use standard JSON parsing but do not sanitize or escape data fields before those fields may be used in an agent's context.
Audit Metadata