skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/cwicr-equipment-planner/Gen Agent Trust Hub
cwicr-equipment-planner
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external project data in formats like CSV, Excel, and JSON. 1. Ingestion points: Both instructions and the skill body define methods for processing external data files. 2. Boundary markers: No specific delimiters are used for untrusted data. 3. Capability inventory: The skill has filesystem permissions for reading data and writing reports. 4. Sanitization: Data is handled through structured calculations in Pandas and Numpy, minimizing the risk of instruction leakage.
- [EXTERNAL_DOWNLOADS]: The skill references documentation and repositories on GitHub and datadrivenconstruction.io. These are verified resources belonging to the skill author.
- [COMMAND_EXECUTION]: The technical implementation relies on deterministic mathematical operations for construction planning. No arbitrary command execution or unsafe system calls were identified.
Audit Metadata