gmsh-meshing
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches official GMSH Python bindings and common scientific packages like numpy, scipy, and pyvista from the official Python package registry.
- [COMMAND_EXECUTION]: Provides a command-line interface (run_gmsh_agent.py) for performing mesh generation, batch processing, and quality assessment on local geometry files.
- [PROMPT_INJECTION]: The skill was evaluated for indirect prompt injection risk due to its interaction with external CAD files. 1. Ingestion points: Processes geometry data from STEP, STL, and IGES files via generate_mesh and process_directory (found in SKILL.md). 2. Boundary markers: No specific delimiters or instructions to ignore metadata content are present. 3. Capability inventory: The skill has file system write access and utilizes MCP tools for agent spawning. 4. Sanitization: No explicit sanitization or validation of input geometry data is documented.
- [SAFE]: No evidence of obfuscation, hardcoded credentials, unauthorized network activity, or persistence mechanisms was found during analysis.
Audit Metadata