Skills
skills/openaec-foundation/blender-bonsai-ifcopenshell-sverchok-claude-skill-package/ifcos-impl-validation/Gen Agent Trust Hub

ifcos-impl-validation

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill contains standard instructional material and code snippets for architectural data validation. No malicious patterns such as data exfiltration, obfuscation, or remote code execution were detected.
  • [PROMPT_INJECTION]: The skill processes untrusted external data (IFC and IDS files), which represents a potential surface for indirect prompt injection.\n
  • Ingestion points: The skill reads IFC model files via ifcopenshell.open() and IDS specification files via ifctester.open().\n
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded content are used when processing these files.\n
  • Capability inventory: The skill has the capability to write files (HTML, JSON, BCF, ODS, XML) using reporter objects and the to_file() or to_xml() methods.\n
  • Sanitization: No specific sanitization of the model data is performed prior to report generation, though the risk is minimized as the data is not interpreted as instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 06:31 PM