eda-pcb
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Overall Assessment] (SAFE): The skill is a well-structured set of engineering guidelines for electronic design automation. All tools listed in the YAML frontmatter (
mcp__kicad-pcb__*) are domain-specific and consistent with the skill's purpose. - [Prompt Injection] (SAFE): No instructions found that attempt to override system behavior or bypass safety filters. All instructions are task-oriented.
- [Data Exposure & Exfiltration] (SAFE): The skill accesses project-local documentation (
docs/,datasheets/) to extract constraints. There are no attempts to access sensitive system paths (e.g., SSH keys, env files) or perform external network operations. - [Obfuscation] (SAFE): All files are in cleartext Markdown. No Base64, zero-width characters, or homoglyph-based obfuscation techniques were found.
- [Remote Code Execution & Dependencies] (SAFE): The skill does not perform any remote script downloads, package installations, or dynamic code execution. It relies on a predefined set of KiCad-specific MCP tools.
- [Indirect Prompt Injection] (LOW): While the skill ingests external data (datasheets), the risk is minimal as the context is used to drive technical parameters for PCB layout. The capability tier is restricted to EDA file modification and project documentation.
Audit Metadata