amap
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_UNSAFE] (SAFE): The skill correctly retrieves the AMap API key from the
AMAP_MAPS_API_KEYenvironment variable rather than hardcoding secrets. - [DATA_EXFILTRATION] (SAFE): Network activity is restricted to the trusted domain
restapi.amap.comfor geographic, weather, and routing data. - [COMMAND_EXECUTION] (SAFE): The application logic uses a strictly defined set of commands and arguments. It does not utilize unsafe functions like
eval()orexec()for processing user input. - [REMOTE_CODE_EXECUTION] (SAFE): No mechanisms for downloading or executing remote code or scripts were found in the skill's source files.
- [PROMPT_INJECTION] (SAFE): The instruction files provide clear, safe guidelines for the agent and do not contain attempts to bypass safety filters or override system prompts.
- [DATA_EXPOSURE] (LOW): The skill exposes an indirect prompt injection surface by returning raw JSON data from an external API (AMap).
- Ingestion points: AMap API responses (e.g., POI descriptions, address names) in
scripts/lib/commands.ts. - Boundary markers: Absent; the skill prints raw JSON to stdout.
- Capability inventory: Network access to
restapi.amap.com. - Sanitization: None; the agent receives raw data from the external service.
Audit Metadata