gdal
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to guide the agent in executing GDAL command-line utilities (such as gdalinfo, gdalwarp, and ogr2ogr) for processing raster and vector data. This is the primary and intended function of the skill.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external geospatial data files (TIFF, Shapefiles, etc.) which represents a potential attack surface if those files contain malicious metadata. However, the risk is minimal given the specialized nature of the processing tools.
- Ingestion points: Reads local geospatial data files specified as INPUT.tif, INPUT.shp, and input file lists.
- Boundary markers: Not present.
- Capability inventory: Execution of local GDAL binaries for file transformation and inspection.
- Sanitization: No explicit sanitization of input file paths or metadata is mentioned.
Audit Metadata