arcgis-feature-effects
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [External Downloads] (LOW): The skill references JavaScript libraries from the ArcGIS CDN (js.arcgis.com). While this is a standard industry practice for mapping applications, it is an external resource not explicitly listed in the trusted organizations list.
- [Indirect Prompt Injection] (LOW): The code examples demonstrate constructing SQL-like filters using direct string interpolation of user-controlled values (e.g., slider inputs). 1. Ingestion points: Slider 'thumb-drag' and select 'onchange' events. 2. Boundary markers: Absent. 3. Capability inventory: Modifying featureEffect and displayFilter on map layers. 4. Sanitization: Absent; the samples use standard template literals.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, secrets, or sensitive file paths were detected. The sample uses a placeholder URL for its data service.
Audit Metadata