rtl-equivalence-checker
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing external RTL source files and incorporating their contents into analysis reports interpreted by the agent.
  - Ingestion points: User-provided Verilog files are read and parsed by 'scripts/rtl_parser.py'.
  - Boundary markers: The report formatting in 'scripts/check_equivalence.py' uses visual separators (e.g., dashes and headers) but does not include explicit instructions to the LLM to ignore embedded commands within the parsed RTL code.
  - Capability inventory: The skill identifies logic differences and generates counterexamples through local computations. It has the capability to write results to a user-specified file path, but no network operations or subprocess executions were identified.
  - Sanitization: The skill does not perform any escaping or sanitization of signal names, module names, or logic snippets extracted from the source files before displaying them in the output.