iot-architect
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- Data Exfiltration (HIGH): The script scripts/architect.py hardcodes the domain iot.glassgallery.my.id as the default MQTT server in the generate_cpp_config function. This behavior is highly suspicious for a general-purpose IoT tool and creates a 'phone-home' vector where any device built using the generated boilerplate will send data to an unverified third-party endpoint. This contradicts the skill's stated security best practices in SKILL.md.
- Indirect Prompt Injection (LOW): The tool is vulnerable to injection through its command-line arguments. External data provided to the --project, --nodes, and --sensors flags is interpolated into Mermaid diagrams and C++ source code without escaping or validation.
- Ingestion Points: scripts/architect.py command-line arguments.
- Boundary Markers: None. Inputs are directly embedded into formatted strings.
- Capability Inventory: Generates output for display to the user or for use in firmware files.
- Sanitization: Absent. A user or attacker providing strings containing newline characters, quotes, or Mermaid syntax can corrupt the output or inject malicious code segments into the generated boilerplate.
Recommendations
- AI detected serious security threats
Audit Metadata