microsim-generator

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE (categories flagged: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local Python utility scripts (e.g., extract-sim-specs.py, generate-sim-scaffold.py) and a screenshot tool (bk-capture-screenshot) to manage the MicroSim generation workflow. These operations are integral to the skill's primary purpose of content generation.
  • [EXTERNAL_DOWNLOADS]: The generated simulations fetch visualization libraries from trusted CDNs, including jsDelivr, unpkg, and Plotly's official CDN. The libraries (p5.js, Chart.js, Plotly, Mermaid, vis-network, Leaflet, Venn.js) are well known.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection through untrusted chapter data.
    • Ingestion points: Chapter markdown files are parsed for specifications in SKILL.md.
    • Boundary markers: Absent in the extraction logic.
    • Capability inventory: Subprocess calls, file-write, and script execution are available across the utility scripts.
    • Sanitization: Absent in the skill instructions.
    • Note: This risk is mitigated by the mandatory 'Instructional Design Checkpoint' and the fact that generated code is confined to specific simulation directories.
  • [SAFE]: All identified behaviors are consistent with the skill's educational mission. The use of trusted external sources and local orchestration scripts follows standard development practices for static site and documentation generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 10:41 PM