eda-schematics
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No evidence of instructions designed to bypass agent constraints or safety protocols.- Data Exposure & Exfiltration (SAFE): The skill only interacts with local project files (.kicad_sch, .json, .md) and does not attempt to access sensitive system paths or exfiltrate data to external domains.- Obfuscation (SAFE): All files consist of clear, human-readable markdown and instructions without encoded or hidden characters.- Unverifiable Dependencies & Remote Code Execution (SAFE): There are no external package requirements or commands that download and execute remote scripts.- Indirect Prompt Injection (LOW):\n
- Ingestion points: docs/design-constraints.json, docs/component-selections.md, and datasheets/.\n
- Boundary markers: None identified.\n
- Capability inventory: Write file access and specialized KiCad MCP tools.\n
- Sanitization: No explicit sanitization of input data.\n
- Analysis: The skill relies on external project data which could theoretically contain misleading instructions. However, the scope of the agent's actions is restricted to schematic design, presenting a low risk of system-level exploitation.- Dynamic Execution (SAFE): The skill does not generate or execute code at runtime; it purely performs structured data manipulation for CAD software.
Audit Metadata