excalidraw
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements diagram generation and management using standard practices and localized scripts without external dependencies.
- [COMMAND_EXECUTION]: The skill uses Python scripts (
add-arrow.py,add-icon-to-diagram.py,split-excalidraw-library.py) to automate the processing of JSON-based diagram data. These scripts perform coordinate transformations, ID generation via UUID, and file I/O on paths explicitly provided in instructions. All operations are local and consistent with the skill's purpose. - [EXTERNAL_DOWNLOADS]: The documentation suggests downloading icon libraries from
libraries.excalidraw.com. This is the official and well-known service for the Excalidraw project. No other external downloads or remote script executions are present. - [DATA_EXFILTRATION]: No network exfiltration or unauthorized sensitive file access patterns were found. The skill operates within the workspace to generate and update
.excalidrawfiles.
Audit Metadata