openscad
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes the
openscadbinary and local utility scripts to render and validate 3D models. This is the primary intended function and is implemented using safe shell practices (e.g., using arrays for arguments to prevent shell injection). - [DATA_EXPOSURE] (SAFE): File access is restricted to the models and configuration files provided by the user. No access to sensitive system credentials or private directories (~/.ssh, ~/.aws) was detected.
- [PROMPT_INJECTION] (LOW): The skill has an indirect prompt injection surface as it parses external
.scadand.jsonfiles. * Ingestion points:tools/extract-params.sh(reads .scad files) andtools/render-with-params.sh(reads .json files). * Boundary markers: Absent. * Capability inventory: File writing (STL/PNG) and local command execution (OpenSCAD). * Sanitization: Uses regex-based parsing via Python for parameter extraction.
Audit Metadata