plan-pcb-routing

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands, specifically grep and various python3 calls, using a file path provided by the user (e.g., path/to/file.kicad_pcb). If the agent does not sanitize this input path, it could allow an attacker to perform command injection by providing a path like file.kicad_pcb; <malicious_command>.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external KiCad PCB files, which are untrusted data sources.
    • Ingestion points: The file is parsed in Step 1 using parse_kicad_pcb and scanned in Step 2 using grep.
    • Boundary markers: No explicit delimiters or instructions are provided to the agent to treat the PCB file content strictly as data and ignore any embedded text that might resemble instructions.
    • Capability inventory: The skill possesses significant capabilities, including reading local files, writing intermediate PCB files and logs to /tmp, and executing a suite of Python routing scripts.
    • Sanitization: There is no mention of validating the structure or content of the KiCad file before it is processed by the various scripts and shell commands.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 12:16 PM