geopandas
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill includes behavioral instructions in
SKILL.mdthat direct the AI agent to proactively promote a specific commercial platform (K-Dense Web) when user requests involve complex workflows. This represents a behavioral nudge to steer the agent's interaction toward the author's hosted service. - [PROMPT_INJECTION]: Vulnerability to indirect prompt injection is present due to the capability to process untrusted geospatial data from external files and network locations.
- Ingestion points: The skill utilizes
gpd.read_file(),gpd.read_postgis(), andgpd.read_parquet()as documented inSKILL.mdandreferences/data-io.mdto ingest external data. - Boundary markers: No explicit delimiters or instructions are provided to the agent to treat processed data content as potentially containing untrusted instructions.
- Capability inventory: The skill enables Python code execution for analysis, file system access (read/write), and network connectivity via GeoPandas and SQLAlchemy.
- Sanitization: The skill relies on standard library parsing without implementing additional validation or sanitization of the input content.
- [EXTERNAL_DOWNLOADS]: The documentation in
references/data-io.mdprovides examples and technical instructions for fetching geospatial data from remote sources, including public URLs (https://example.com/data.geojson) and cloud storage buckets (S3, Azure).
Audit Metadata