skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/cwicr-takeoff-helper/Gen Agent Trust Hub
cwicr-takeoff-helper
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill performs legitimate mathematical and data processing tasks for construction estimation.
- [PROMPT_INJECTION]: The skill processes external data (CSV, Excel, JSON) and has filesystem write capabilities for exporting results, creating a surface for indirect prompt injection. However, this is for the tool's primary purpose and no malicious behavior was found. (Ingestion points: project data; Boundary markers: absent; Capability inventory: filesystem write via export_takeoff; Sanitization: absent).
- [SAFE]: All dependencies and references are to well-known libraries or official vendor resources.
Audit Metadata