excalidraw
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were identified in the skill's instructions or referenced color palette guides. All operations align with the stated purpose of diagram generation.
- [DATA_EXPOSURE]: The skill references tools such as
export_to_imageandexport_scenewhich accept file path arguments. These are standard features of the Excalidraw MCP integration for saving output and do not involve unauthorized data access or exfiltration instructions. - [PROMPT_INJECTION]: The skill instructions include a 'Self-Critique Loop' and guidance on reproducing content from user-provided samples. While this represents a surface area for indirect prompt injection (processing untrusted input), the instructions maintain a focus on visual reproduction and layout validation without introducing risky command execution or exfiltration capabilities.
Audit Metadata