NYC

mapbox-cartography

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFENO_CODE
Full Analysis
  • Prompt Injection (SAFE): No attempts to override agent behavior or bypass safety filters were detected in the instructions.
  • Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network exfiltration patterns were found.
  • Obfuscation (SAFE): No use of Base64, zero-width characters, or other obfuscation techniques.
  • Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not install external packages or execute remote scripts.
  • Privilege Escalation (SAFE): No commands requesting elevated permissions (e.g., sudo, chmod) are present.
  • Persistence Mechanisms (SAFE): No attempts to modify system configuration or startup scripts for persistence.
  • Indirect Prompt Injection (SAFE): The skill provides static design guidance and does not ingest or process untrusted external data.
  • Dynamic Execution (SAFE): Although the skill contains example Mapbox Expression snippets, these are provided as static documentation and are not executed by the skill itself.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:10 PM