skills/aklofas/kicad-happy/kidoc/Gen Agent Trust Hub

kidoc

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run to orchestrate various stages of the documentation pipeline.
    • scripts/kidoc_scaffold.py runs analysis scripts on schematic and PCB files.
    • scripts/kidoc_generate.py dispatches document rendering to format-specific scripts (PDF, DOCX, etc.).
    • scripts/kicad_cli.py invokes the system kicad-cli tool.
  • [EXTERNAL_DOWNLOADS]: scripts/kidoc_venv.py automatically sets up a project-local virtual environment and installs required packages from the official Python Package Index (PyPI). This is a standard and safe practice for managing dependencies.
  • [PROMPT_INJECTION]: The skill assembles data from KiCad project files into context packages used by the AI agent to write design narratives. This creates a surface for indirect prompt injection where malicious design data could influence the agent.
    • Ingestion points: scripts/kidoc_narrative.py reads component descriptions, net names, and analysis findings from KiCad hardware designs.
    • Boundary markers: Absent. User-controlled design data is directly interpolated into the narrative context without clear delimiters or 'ignore embedded instructions' warnings.
    • Capability inventory: The skill possesses extensive file system access and the ability to execute subprocesses through orchestration scripts like scripts/kidoc_generate.py and scripts/kidoc_scaffold.py.
    • Sanitization: Hardware design data is not sanitized or escaped for potential instructions before being passed to the AI agent as narrative context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 16, 2026, 09:15 PM