generate-diagram

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes the contents of external text files.
    • Ingestion points: The methodology text file read from $ARGUMENTS[0] in SKILL.md.
    • Boundary markers: Absent; the content is passed directly to the paperbanana:generate_diagram MCP tool without delimiters or instructions to ignore embedded commands.
    • Capability inventory: The skill uses the Read tool for file system access, restricted Bash for executing the paperbanana CLI, and an MCP tool for communication and generation (referenced in SKILL.md).
    • Sanitization: While path-based sanitization is implemented to block shell metacharacters and sensitive directories, there is no validation or sanitization of the file's text content to prevent malicious instructions from being interpreted by the model or tool.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 03:19 AM