scientific-schematics

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill incorporates user-provided diagram descriptions into the prompts sent to both generation and review models, creating a surface for indirect prompt injection.
    1. Ingestion points: The 'prompt' command-line argument in scripts/generate_schematic_ai.py.
    2. Boundary markers: No delimiters or 'ignore embedded instructions' warnings are used when interpolating the user prompt.
    3. Capability inventory: The skill performs network operations to the OpenRouter API using the Python requests library.
    4. Sanitization: No escaping or validation is performed on the user-supplied prompt before it is sent to the LLM.
  • [COMMAND_EXECUTION]: The script scripts/generate_schematic.py invokes another Python script using the subprocess module. While it uses a list of arguments and avoids shell invocation, user-controlled strings are passed as command-line parameters.
  • [EXTERNAL_DOWNLOADS]: The skill makes requests to the well-known service provider OpenRouter at openrouter.ai to transmit prompts and download generated image data. This is documented neutrally as it is a core function of the skill using an established service.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 08:17 AM