geo-explorer
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as intended for a geopolitical analysis tool. Its use of the file system for history tracking (geo_explorer_history.json) and output storage (geo_explorer_outputs/) is a standard implementation for task continuity and organization.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its reliance on external web data.
- Ingestion points: Untrusted data enters the context via the search_web tool when querying for recent international news and Wikipedia map resources.
- Boundary markers: Absent; the instructions do not implement markers or specific system instructions to differentiate external search data from the core task logic.
- Capability inventory: The skill has read/write access to local JSON history files and the output directory, but lacks dangerous capabilities such as arbitrary code execution or network exfiltration of system secrets.
- Sanitization: Absent; the agent is instructed to extract topics and URLs directly from search results without structured validation or sanitization of the fetched content.
Audit Metadata