diagram-reports-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill parses untrusted data from markdown files in
docs/chapters/. Ingestion point: Chapter index.md files. Boundary markers: Absent in instructions. Capability inventory: Local Python script execution and file writing todocs/learning-graph/. Sanitization: Not mentioned. Maliciously crafted diagram specifications in chapter files could potentially manipulate the output reports. - Command Execution (LOW): The workflow requires copying and executing a bundled Python script (
diagram-report.py). While this is the intended functionality for the task, the execution of local scripts remains a sensitive operation. - Dynamic Execution (LOW): The skill writes a script to the local filesystem and then executes it via
python. This pattern is standard for this type of utility and is considered low risk given its localized scope.
Audit Metadata