preview-leaflet
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill employs a bash script (run.sh) to handle content processing, variable substitution, and the generation of visualization assets in the local filesystem.
- [EXTERNAL_DOWNLOADS]: Fetches the Leaflet library and associated styles from unpkg.com (a well-known CDN) and utilizes Subresource Integrity (SRI) hashes to ensure the delivered content has not been tampered with.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it executes agent-provided JavaScript code within a browser context to render interactive maps.
  - Ingestion points: The skill receives map logic and coordinate data via stdin or file input directed to the run.sh script.
  - Boundary markers: The provided code is encapsulated in a dedicated JavaScript file that is dynamically loaded by the HTML preview page.
  - Capability inventory: The generated HTML executes JavaScript, loads map tile images from HTTPS sources (e.g., OpenStreetMap), and allows user interaction with map controls.
  - Sanitization: Employs a robust Content Security Policy (CSP) in the generated HTML to restrict script execution and uses HTML/JS escaping for metadata injection prevention.
Audit Metadata