skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/site-logistics-optimization/Gen Agent Trust Hub
site-logistics-optimization
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through its data processing workflow.\n
- Ingestion points: The assistant is instructed to accept and process project data from user-provided files (CSV, Excel, JSON) as described in
instructions.md.\n - Boundary markers: There are no explicit delimiters or system instructions defined to prevent the AI from executing malicious prompts that might be hidden within the project data.\n
- Capability inventory: The skill is granted
filesystempermissions viaclaw.json, allowing for file read and write operations on the host system.\n - Sanitization: No input validation or content sanitization mechanisms are specified for the external data files before they are processed by the agent.\n- [SAFE]: Technical review of the provided Python logic for optimization, scheduling, and simulation shows no evidence of malicious intent, obfuscation, or unauthorized network activity. The scripts use standard scientific libraries (numpy, scipy) for their intended purposes.
Audit Metadata