Skills
skills/czarnak/totally-integrated-claude/tia-import-export/Gen Agent Trust Hub

tia-import-export

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to import data from external files such as XML, AML (AutomationML), and XLSX into industrial automation projects. This represents an attack surface where untrusted data could enter the engineering environment. However, this is the primary, legitimate purpose of the skill. The risk is mitigated by the underlying TIA Portal software which validates the structure and schema of these files during import.
  • Ingestion points: File paths passed to Import() methods in references/plc-blocks.md, references/hmi-screens.md, and others.
  • Boundary markers: Not explicitly present in instructions, but enforced by the XML/AML schemas.
  • Capability inventory: File reads and modifications within the TIA Portal project context via the Openness API.
  • Sanitization: Relies on the TIA Portal Openness API's internal validation against XSD schemas.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 09:56 AM
Security Audit — agent-trust-hub — tia-import-export