plantuml-renderer
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands to invoke Java and the PlantUML library. These commands are well-defined and follow standard CLI usage patterns for the tool.
  - Evidence in SKILL.md: Commands like `java -jar "./assets/plantuml.jar" --format svg "<input_file>"` are used for rendering.
  - Evidence in SKILL.md: The skill includes a 'Quick Check' phase using `java -version` to ensure environment readiness.
- [DATA_EXPOSURE_AND_EXFILTRATION]: No sensitive file paths are accessed, and no network operations to non-whitelisted domains are initiated. The skill operates entirely on local inputs provided by the user.
- [REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts. It relies on a local JAR file (`./assets/plantuml.jar`) and standard system Java.
- [INDIRECT_PROMPT_INJECTION]: While the skill processes user-provided PlantUML text, it does so by passing it to an external rendering engine (PlantUML) which does not interpret the content as instructions for the AI agent. Boundary markers like `@startuml` and `@enduml` are used to isolate the data.
Audit Metadata