furniture-planner
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill accesses local user data in
~/Casa/datos/plano.jsonto retrieve dimensions and writes generated output to~/Casa/muebles/. This file access is restricted to intended functional directories and is necessary for the skill's primary purpose. - [PROMPT_INJECTION]: The skill processes architectural plans (images/PDFs) and web-scraped pricing data from third-party suppliers. While this represents an indirect prompt injection surface, it is a standard operational requirement for the skill's vision and web-search tasks.
- [EXTERNAL_DOWNLOADS]: The skill references established regional hardware and material suppliers (e.g., Easy, Sodimac, DAC Maderas) and fetches a template from Amazon S3. These sources are well-known services or legitimate industry providers.
- [COMMAND_EXECUTION]: The skill utilizes internal tools for Excel generation (
document-skills:xlsx) and prompt construction for external rendering tasks. All operations are well-defined and handled through standard tool interfaces.
Audit Metadata