excalidraw
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the Kroki API (https://kroki.io) to generate SVG diagrams. Kroki is a well-known, legitimate service for diagram-as-code rendering.
- [COMMAND_EXECUTION]: The skill uses
curlto communicate with the Kroki API and provides optional setup for a local CLI (excalidraw-brute-export-cli), including a documentedsedcommand for macOS keybinding patches. These actions are standard for the skill's stated purpose. - [SAFE]: No malicious activities, such as prompt injection, persistence, or data exfiltration, were detected. The skill instructions are clear and follow least-privilege principles.
Audit Metadata