toolbox-talk-generator (skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/toolbox-talk-generator)
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious code, persistence mechanisms, or privilege escalation attempts were detected. The skill's behavior aligns with its stated purpose of managing construction safety documentation and recording attendance records in-memory.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface, as it processes external data (weather conditions, activities, and incident reports) to generate talk scripts through LLM interpolation.
  - Ingestion points: Site data provided by the user in CSV, Excel, or JSON formats as specified in instructions.md, and parameters passed to suggest_topics in SKILL.md.
  - Boundary markers: No explicit delimiters or 'ignore' warnings are present in the prompt template within the generate_with_llm function in SKILL.md.
  - Capability inventory: The skill requests 'filesystem' permission via claw.json; no subprocess, network, or arbitrary code execution capabilities are present in the provided implementation logic.
  - Sanitization: The assistant is instructed to 'Validate inputs before processing' in instructions.md, which acts as a natural-language guardrail, though no programmatic sanitization (escaping) is implemented in the Python classes.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns or unauthorized downloads were found. The skill operates using static templates and explicitly states it has no external dependencies.
Audit Metadata