skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/cwicr-value-engineering/Gen Agent Trust Hub
cwicr-value-engineering
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes untrusted construction data from external sources.
- Ingestion points: Data enters the agent context through CSV, Excel, and JSON files as described in the instructions.
- Boundary markers: The prompt instructions lack clear delimiters or specific directives to the AI to ignore instructions embedded within the ingested data.
- Capability inventory: The skill has permissions to read datasets and write Excel reports to the filesystem using the pandas library.
- Sanitization: No specific text sanitization or filtering logic is implemented for the data fields before they are processed by the LLM.
- [EXTERNAL_DOWNLOADS]: The skill includes documentation links and resource references to the author's official GitHub repository and website.
Audit Metadata