
kicad-pcb

Warn

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/kicad_pcb.py executes the kicad-cli system binary using subprocess.run to perform PCB design tasks. While necessary for the skill's operation, this allows the agent to initiate local process execution on the host machine.
  • [DATA_EXPOSURE]: The cmd_new function in scripts/kicad_pcb.py fails to sanitize the user-provided project name for path traversal sequences (e.g., ..). Because this name is used to construct file system paths, an attacker could potentially create directories and KiCad project files in sensitive locations outside of the designated projects folder.
  • [INDIRECT_PROMPT_INJECTION]: The skill's intended workflow involves processing natural language descriptions of electronic circuits to generate designs. This creates an attack surface where maliciously crafted circuit descriptions could attempt to influence the agent's behavior during the design generation phase.
      • Ingestion points: Natural language input is passed to the script via CLI arguments as described in the SKILL.md workflow.
      • Boundary markers: No specific delimiters or "ignore instructions" guards are implemented for the description strings.
      • Capability inventory: The script can create directories, write files (schematics, PCB layouts, configs), and execute the KiCad CLI.
      • Sanitization: The implementation replaces spaces with underscores in names but does not filter for directory traversal or shell metacharacters in all contexts.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 28, 2026, 10:37 PM