skills/earthtojake/text-to-cad/urdf/Gen Agent Trust Hub

urdf

Warn

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The scripts/gen_urdf/cli.py script utilizes importlib.util.spec_from_file_location and module_spec.loader.exec_module to dynamically load and execute arbitrary Python files passed as command-line arguments. This mechanism allows the execution of any code contained within the target scripts.
  • [COMMAND_EXECUTION]: The skill provides a CLI interface in scripts/gen_urdf/cli.py designed to execute local Python scripts as part of the robot model generation workflow.
  • [REMOTE_CODE_EXECUTION]: The _load_generator_module function in scripts/gen_urdf/cli.py modifies sys.path at runtime to include the directory of the script being executed and the current working directory. This increases the risk of module shadowing or the accidental execution of malicious code if untrusted files are present in those directories.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 5, 2026, 02:48 AM