anygen-diagram
Audited by Socket on Mar 12, 2026
1 alert found:
Obfuscated File
The skill exhibits coherent purpose-capability alignment: it is designed to generate diagrams server-side via AnyGen and render results locally, with explicit consent for file uploads and clearly defined rendering steps. The data flows, credential usage, and external network interactions are mostly proportionate to diagram-generation tasks. However, there are several security-sensitive patterns: handling of API keys and credentials, potential command-injection risk in script-driven workflows, and reliance on external CDNs for rendering assets. Given these signals, the footprint is moderately risky and should be treated as suspicious rather than benign, pending rigorous code-level review and proper safeguards (strict input sanitization, minimal privilege operation, explicit auditing of external calls, and secure handling of credentials).