skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/prompt-templates/Gen Agent Trust Hub
prompt-templates
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it is designed to ingest and process untrusted external data within structured AI prompts.
  - Ingestion points: The skill processes user-supplied data through variables such as 'line_items', 'schedule_data', 'clash_data', and 'spec_text' defined in the SKILL.md templates.
  - Boundary markers: The prompt templates interpolate user data directly into the prompt string without using explicit delimiters (e.g., XML tags or triple quotes) or specific 'ignore embedded instructions' warnings.
  - Capability inventory: The agent is granted filesystem permissions via claw.json, enabling it to read local files which may contain malicious instructions.
  - Sanitization: The implementation logic in SKILL.md demonstrates a best practice by using Python's string.Template.safe_substitute for variable interpolation, which prevents basic formatting-based injection attacks during the construction of the prompt.
Audit Metadata