geomaster
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documents and provides code for downloading Earth observation data from trusted organizations and well-known services, such as Microsoft's Planetary Computer, ESA's Copernicus SciHub, and Google Earth Engine. These connections are standard for geospatial analysis.
- [COMMAND_EXECUTION]: Python examples in the
gis-software.mdreference utilize thesubprocessmodule to interface with SAGA GIS command-line utilities. This is an expected and documented integration for the scientific domains covered. - [PROMPT_INJECTION]: As the skill involves ingesting untrusted external data (such as GeoJSON files or satellite metadata), it possesses a surface for indirect prompt injection. However, it uses industry-standard libraries (GeoPandas, Rasterio) and focuses on numerical/spatial processing rather than natural language interpretation of that data.
- [CREDENTIALS_UNSAFE]: While the skill provides examples for cloud storage and API access (AWS, Google Cloud, Planet), it follows security best practices by using clear placeholders for keys and secrets instead of hardcoding sensitive information.
Audit Metadata