excalidraw
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. 1. Ingestion points: Codebase files (Step 1). 2. Boundary markers: Absent. 3. Capability inventory: 'mcp__excalidraw__export_to_image' (file writing) and 'mcp__excalidraw__export_to_excalidraw_url' (network operations). 4. Sanitization: Absent. Instructions embedded in code could influence diagram content or tool usage.
- [DATA_EXFILTRATION]: Diagram data is exported to the well-known service Excalidraw, which is the primary intended function.
- [COMMAND_EXECUTION]: The skill utilizes tools to write diagram files to user-specified local paths.
Audit Metadata