mapbox-store-locator-patterns
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides educational patterns for building Mapbox-based applications. All external references are to official Mapbox documentation (mapbox.com), the Turf.js spatial analysis library (turfjs.org), and standard GeoJSON specifications.
- [SAFE]: Code examples correctly demonstrate security and performance best practices, including input debouncing to prevent excessive processing and proper error handling for geolocation API access (e.g., handling PERMISSION_DENIED and TIMEOUT states).
- [SAFE]: Use of
mapboxgl.accessTokenis clearly marked with placeholders (e.g., 'YOUR_MAPBOX_ACCESS_TOKEN'), following standard practice for developer tools without exposing real credentials. - [SAFE]: Geolocation access is handled through standard browser APIs (
navigator.geolocation.getCurrentPosition) and the official MapboxGeolocateControl, which require explicit user consent via browser prompts. - [SAFE]: Data processing logic (filtering and sorting GeoJSON features) is performed in-memory on the client-side, avoiding unsafe server-side execution patterns.
Audit Metadata