owntracks
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The script scripts/nearby.mjs fetches point-of-interest data from the AMap (高德) API (restapi.amap.com). This is a well-known mapping and location service.
- [COMMAND_EXECUTION]: Provides command-line scripts (query.mjs, nearby.mjs) intended for the AI agent to retrieve current location data, history, and nearby places from the local filesystem.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted GPS data via an external HTTP endpoint which is then processed and presented to the agent for decision-making.
  - Ingestion points: Location updates are received via HTTP POST requests in scripts/server.mjs.
  - Boundary markers: None identified; data is accepted as JSON and stored without explicit delimiters or instructions to ignore embedded content.
  - Capability inventory: The skill includes file system write capabilities (scripts/server.mjs) and network request capabilities (scripts/nearby.mjs).
  - Sanitization: The server performs basic JSON structure validation but does not implement semantic validation or sanitization of the content before it is read by the agent.
Audit Metadata