skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/bim-to-schedule-4d/Gen Agent Trust Hub
bim-to-schedule-4d
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements standard construction data logic using standard Python libraries such as pandas and datetime. All logic is self-contained and operates on user-provided data.
- [DATA_EXFILTRATION]: The skill includes a method to export results to the local filesystem via
export_linksinSKILL.md. This functionality is consistent with thefilesystempermission declared inclaw.jsonand is intended for generating Excel reports. - [PROMPT_INJECTION]: The skill ingests external datasets through the
import_scheduleandimport_elementsmethods inSKILL.md. While this constitutes a data ingestion surface, the risk of indirect prompt injection is mitigated by the instruction to 'Validate inputs before processing' and the absence of high-risk capabilities like network access or shell execution. Ingestion points:import_scheduleandimport_elementsinSKILL.md. Boundary markers: Absent in prompt instructions. Capability inventory: Local filesystem write viaexport_linksinSKILL.md. Sanitization: Instructions explicitly mandate input validation before processing.
Audit Metadata