Skills
skills/cartodb/agent-skills/carto-find-spatial-data/Gen Agent Trust Hub

carto-find-spatial-data

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the carto CLI for dataset discovery (carto do search), inspection (carto do get), and subscription (carto do subscribe). These commands are standard for interacting with the CARTO platform and do not involve arbitrary command execution or shell injection risks.
  • [DATA_EXPOSURE]: The skill handles data warehouse connections and destination tables. It follows security best practices by referencing connection names (e.g., carto_dw) and existing warehouse infrastructure rather than hardcoding or exposing sensitive credentials.
  • [SAFE]: No patterns of prompt injection, obfuscation, or unauthorized network operations were found. The external references are directed toward CARTO's official data services, which is consistent with the skill's intended purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 10:02 PM
Security Audit — agent-trust-hub — carto-find-spatial-data