bom
Warn
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a set of Python scripts (
bom_manager.py,edit_properties.py,sync_datasheet_urls.py) to perform schematic parsing, property editing, and BOM management tasks.\n- [DYNAMIC_EXECUTION]: The scriptscripts/bom_manager.pydynamically modifies the Python module search path (sys.path) at runtime to import a configuration module from a computed relative directory within the skill structure.\n- [INDIRECT_PROMPT_INJECTION]: The skill ingests component data (MPNs, descriptions, and comments) from potentially untrusted KiCad schematic files and CSV spreadsheets, which can influence the behavior of the agent and other integrated skills.\n - Ingestion points: Reads component properties and freeform notes from
.kicad_schandbom.csvfiles.\n - Boundary markers: No delimiters or instructions are used to separate untrusted data fields from functional instructions.\n
- Capability inventory: The skill has file-write permissions for schematic and BOM files and triggers other skills that perform network operations.\n
- Sanitization: Standard escaping is used for schematic file format integrity, but no sanitization is applied to data used to drive agent decisions or tool searches.
Audit Metadata