d2-diagram

The skill presents a coherent, purpose-aligned approach to diagram creation with D2. It leverages standard, install-based delivery (mise/go install) and guides users through configuration and usage. There are noCredential exposure, no external network calls, and data flows are local to diagram generation. The primary security considerations relate to supply-chain risk from installing third-party tooling (via mise or Go) and ensuring the D2 binary obtained is trustworthy. Overall, the footprint is benign and proportionate to its stated purpose, but the use of unverifiable binaries or untrusted module sources should be mitigated by using official registries and verified releases, and by pinning versions where possible.