skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/bim-visual-programming-automation/Gen Agent Trust Hub
bim-visual-programming-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill contains several Python code snippets designed to run within the Autodesk Revit/Dynamo environment. These scripts utilize the official Revit API (Autodesk.Revit.DB) and Dynamo services (RevitServices) for legitimate BIM tasks such as element data extraction and parameter updates.
- [EXTERNAL_DOWNLOADS]: The skill references external resources for documentation and integration, including the official Dynamo Primer, Revit API documentation, and the author's website (datadrivenconstruction.io). These are well-known or author-owned domains and are considered safe.
- [PROMPT_INJECTION]: The skill processes user-supplied data from Excel, CSV, and JSON formats to automate model updates. While this constitutes an ingestion surface for potential indirect prompt injection, the skill includes explicit instructions for the agent to validate inputs before processing, and the provided code performs direct parameter mapping rather than dynamic interpretation of data as instructions.
Audit Metadata