skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/cad-to-data/Gen Agent Trust Hub
cad-to-data
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's instructions explicitly guide the agent to use
subprocess.run()to execute CLI-based converters. This capability allows the agent to run local system commands to process CAD files. - [INDIRECT_PROMPT_INJECTION]: The skill parses complex architectural data formats (IFC, RVT, DWG, DGN) which are external and potentially attacker-controlled, presenting a surface for indirect instructions.
- Ingestion points: CAD/BIM files such as
.rvt,.ifc, and.dwgas specified ininstructions.md. - Boundary markers: No specific boundary markers or "ignore instructions" delimiters are provided to the agent for separating data from system instructions.
- Capability inventory: The skill uses filesystem permissions to read and write files and
subprocess.run()for command execution. - Sanitization: There is no explicit instruction to sanitize or validate extracted metadata or text properties before the agent processes or outputs them.
Audit Metadata