devito
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Devito library, which generates C code from symbolic equations at runtime and compiles it into shared libraries using system compilers (e.g., GCC, Clang, or ICC). These compiled kernels are then executed as subprocesses to run the simulation. Additionally, the
scripts/acoustic_wave.pyscript allows writing simulation results to arbitrary file paths specified via the--outputargument usingnumpy.save. - [EXTERNAL_DOWNLOADS]: The skill specifies dependencies on
devitoandnumpy, which are well-known and standard libraries within the scientific Python ecosystem. - [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection via the processing of untrusted simulation data.
- Ingestion points: Simulation parameters such as grid dimensions (
--nx,--nz), time steps (--nt), and output paths are ingested via command-line arguments inscripts/acoustic_wave.py. - Boundary markers: There are no explicit boundary markers or instructions to the model to ignore embedded malicious content within simulation parameter strings.
- Capability inventory: The skill can generate and compile C source code via Devito's
Operatorclass and write files to the local disk usingnumpy.save. - Sanitization: Input parameters are cast to specific types (int, float) via
argparse, which provides basic validation, but no higher-level sanitization or range checking is performed on values that control memory allocation and execution flow.
Audit Metadata