skills/bighardperson/computer-science-skills-collection/tencentmap-webservice-skill/Gen Agent Trust Hub
tencentmap-webservice-skill
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill checks for the environment variable
TMAP_WEBSERVICE_KEYto authenticate API calls. This is a standard and safe practice for managing service credentials in AI skills. - [PROMPT_INJECTION]: The instructions include a mandatory "interception" rule that requires the agent to verify API key availability before proceeding with any analysis or code generation. This is a functional constraint designed to manage service access rather than a safety bypass.
- [COMMAND_EXECUTION]: The documentation provides JavaScript implementation examples for JSONP requests. While these examples include dynamic script tag creation (
document.createElement('script')), they are presented as educational implementation details for the end-user's application and are not executed by the agent itself. - [DATA_EXPOSURE]: The skill describes a 'silent recording' behavior for API keys provided in dialogue. This is a common pattern for session-based API integration to improve user experience.
Audit Metadata