Skills
skills/crazymsn/academic-skills/scientific-schematics/Gen Agent Trust Hub

scientific-schematics

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/generate_schematic.py uses subprocess.run to coordinate execution with scripts/generate_schematic_ai.py. This implementation is secure as it avoids using a shell (shell=True is not used), preventing command injection vulnerabilities even though it processes user-provided prompts as arguments.
  • [EXTERNAL_DOWNLOADS]: The skill communicates with the OpenRouter API (openrouter.ai) to generate and review images. This is a well-known service, and the communication is necessary for the skill's primary function. It also relies on the standard requests library for these operations.
  • [CREDENTIALS_UNSAFE]: The skill correctly manages sensitive data by instructing users to use environment variables (OPENROUTER_API_KEY) or .env files for their API keys, which is a standard security best practice to avoid hardcoding secrets.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 09:23 AM
Security Audit — agent-trust-hub — scientific-schematics