drawio
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Comprehensive auditing of the instructions and source code revealed no malicious intent, prompt injection attempts, or unauthorized data access.
- [EXTERNAL_DOWNLOADS]: The skill includes an optional integration with a versioned MCP server hosted on NPM, which is a well-known and standard service for this type of extension.
- [INDIRECT_PROMPT_INJECTION]: The skill handles untrusted data from Mermaid, CSV, and YAML inputs. It mitigates injection risks by enforcing XML escaping and including explicit instructions for the AI agent to avoid executing user-provided text.
Audit Metadata