maplibre-mapbox-migration

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill provides educational guidance for migrating software libraries. It correctly identifies MapLibre as an open-source fork of Mapbox GL JS and provides appropriate migration steps. It also explicitly instructs the user to remove access tokens, which is a security best practice when moving away from the Mapbox ecosystem.
  • [COMMAND_EXECUTION]: The skill includes standard terminal commands for package management (npm install maplibre-gl, npm uninstall mapbox-gl) and style validation (gl-style-validate style.json). These are functional requirements for the migration process and involve no malicious parameters or suspicious flags.
  • [EXTERNAL_DOWNLOADS]: The skill references downloading libraries from the official NPM registry and loading assets from well-known CDNs like unpkg.com. It also points to legitimate geospatial service providers such as MapTiler, OpenFreeMap, and OpenRouteService, which is expected for the stated purpose of finding tile source alternatives.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 10:38 AM
Security Audit — agent-trust-hub — maplibre-mapbox-migration