scientific-schematics
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes user-provided natural language descriptions to generate diagrams via an LLM, creating a potential surface for indirect prompt injection. * Ingestion points: The 'prompt' argument in 'scripts/generate_schematic.py'. * Boundary markers: Absent; user input is passed directly to the generation logic. * Capability inventory: Subprocess calls to 'pdflatex' and 'convert' (ImageMagick) in 'scripts/compile_tikz.py'. * Sanitization: No explicit validation or escaping of external content is visible in the provided scripts.
- [Command Execution] (LOW): The script 'scripts/compile_tikz.py' executes system utilities for diagram compilation and conversion. * Evidence: 'subprocess.run' is used with list-based arguments to invoke 'pdflatex', 'convert', 'open', and 'xdg-open'. This implementation follows security best practices by avoiding 'shell=True'.
- [External Downloads] (LOW): The skill documentation and scripts involve interaction with the OpenRouter API and standard third-party libraries. * Evidence: Usage of the 'requests' library for API communication and documentation recommending the installation of 'graphviz', 'schemdraw', and 'matplotlib'.
Audit Metadata