datasheet-reader
Warn
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run the `pcb scan` command with user-provided arguments (local paths or URLs). This pattern creates a command injection surface if the input is not strictly sanitized before being passed to the shell.
- [PROMPT_INJECTION]: The workflow involves fetching untrusted content from external URLs or local PDFs and then reading the processed output. This exposes the agent to indirect prompt injection, where a malicious document could contain instructions to override the agent's behavior.
- Ingestion points: Technical PDFs and URLs provided by users or found in files (SKILL.md).
- Boundary markers: Absent. The instructions do not provide delimiters or warnings to the agent to ignore instructions embedded within the processed document.
- Capability inventory: Shell command execution via `pcb scan` (SKILL.md).
- Sanitization: Absent. There is no mention of input validation or escaping for the `<input>` parameter before it is executed in bash.
Audit Metadata