geopandas
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION EXTERNAL_DOWNLOADS
Full Analysis
- Indirect Prompt Injection (LOW): The skill's core functionality involves ingesting untrusted data from external sources, which constitutes a surface for indirect prompt injection.
  - Ingestion points: Data is read via `gpd.read_file` (supporting local files, ZIPs, and remote URLs), `gpd.read_postgis`, `gpd.read_parquet`, and `gpd.read_feather` in `references/data-io.md`.
  - Boundary markers: No specific boundary markers or instructions to ignore embedded commands are provided in the examples.
  - Capability inventory: The skill enables file system writing (`to_file`), network requests (downloading data), and database execution (`to_postgis`).
  - Sanitization: No explicit sanitization or validation of external input data is included in the instructions.
- External Downloads (SAFE): The skill instructs the agent to install standard and reputable libraries such as `geopandas`, `folium`, and `pyarrow`. These dependencies are trusted in the context of geospatial analysis.
- Credentials Safety (SAFE): Database connection examples in `references/data-io.md` use generic placeholders (`user`, `password`) and do not expose hardcoded secrets.
Audit Metadata