mapbox-cartography
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): No attempts to override agent behavior or bypass safety filters were detected in the instructions.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network exfiltration patterns were found.
- Obfuscation (SAFE): No use of Base64, zero-width characters, or other obfuscation techniques.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not install external packages or execute remote scripts.
- Privilege Escalation (SAFE): No commands requesting elevated permissions (e.g., sudo, chmod) are present.
- Persistence Mechanisms (SAFE): No attempts to modify system configuration or startup scripts for persistence.
- Indirect Prompt Injection (SAFE): The skill provides static design guidance and does not ingest or process untrusted external data.
- Dynamic Execution (SAFE): Although the skill contains example Mapbox Expression snippets, these are provided as static documentation and are not executed by the skill itself.
Audit Metadata