Scan Report
0 /100
Verilog Design Flow
Design, implement, and verify Verilog/SystemVerilog modules with spec-driven development, self-checking testbenches, and automated simulation workflows
Legitimate Verilog/SystemVerilog design and simulation workflow skill with no security concerns. All shell usage is documented EDA tool execution (VCS, Xrun, Icarus) and VCD analysis uses standard open-source library.
Safe to install
This skill is safe to use. No security concerns identified.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Aligned | SKILL.md declares file creation for .v/.sv files; scripts read VCD files |
| Shell | WRITE | WRITE | ✓ Aligned | SKILL.md:82-95 documents subprocess calls to vcs, xrun, iverilog; scripts/simula… |
| Network | NONE | NONE | — | No network activity detected |
| Environment | NONE | READ | ✓ Aligned | scripts/simulate.sh:26-29 uses 'command -v' for tool detection (safe) |
| credential | NONE | NONE | — | No credential access found |
| sensitive_access | NONE | NONE | — | No sensitive path access (~/.ssh, ~/.aws, .env) |
File Tree
4 files · 19.0 KB · 641 lines Markdown 2f · 430L
Shell 1f · 124L
Python 1f · 87L
├─
▾
references
│ └─
vcd-analysis.md
Markdown
├─
▾
scripts
│ ├─
check_vcd.py
Python
│ └─
simulate.sh
Shell
└─
SKILL.md
Markdown
Dependencies 1 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
vcdvcd | * | pip | No | Open-source VCD parser library; version not pinned but no known vulnerabilities |
Security Positives
✓ All shell execution is explicitly documented in SKILL.md (VCS, Xrun, Icarus commands)
✓ No credential harvesting or environment variable iteration
✓ No network exfiltration or C2 communication
✓ No obfuscation (base64, eval, atob)
✓ No sensitive file/path access
✓ Uses legitimate open-source EDA tools (Icarus Verilog, slang)
✓ VCD analysis uses well-known open-source Python library (vcdvcd)
✓ No remote script execution (curl|bash, wget|sh)
✓ No supply chain risks - no external dependencies beyond documented pip install