drawio
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect prompt injection surface detected. The skill processes XML diagram data which can contain untrusted instructions in text labels. Evidence: 1. Ingestion points: .drawio XML files; 2. Boundary markers: Absent; 3. Capability inventory: drawio-export CLI execution; 4. Sanitization: Absent.
- [COMMAND_EXECUTION] (SAFE): The skill uses drawio-export and drawio CLI commands to process local files. This behavior is necessary for the skill's primary purpose and does not involve high-risk patterns.
Audit Metadata