skills/openaec-foundation/computational-design-day-delft-march-2026/bonsai-agents-ifc-validator/Gen Agent Trust Hub
bonsai-agents-ifc-validator
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No evidence of prompt injection or instruction override patterns were found. The instructional language is strictly limited to defining validation procedures and operational constraints.
- [DATA_EXFILTRATION]: No network operations or unauthorized data access patterns were detected. All file operations are localized to the IFC models provided for validation within the user's environment.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns, such as piping network content to a shell or dynamic loading from untrusted sources, were identified. All dependencies are industry-standard BIM libraries.
- [OBFUSCATION]: The skill uses clear, plain-text markdown and Python code. No Base64, zero-width characters, or other encoding techniques intended to hide malicious content were found.
- [INDIRECT_PROMPT_INJECTION]: The skill processes structured IFC data files. While it lacks explicit sanitization for element names or property values displayed in logs, the capability inventory is restricted to read-only validation and reporting, posing no risk of privilege escalation or command execution.
- [DYNAMIC_EXECUTION]: The skill does not utilize
eval(),exec(), or any form of runtime code generation or modification. All logic is statically defined in the provided snippets.
Audit Metadata