umple-diagram-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes multiple system commands including `umple`, `dot`, `mkdir`, and `cp`. These are necessary for its primary function of model compilation and diagram rendering.
- [EXTERNAL_DOWNLOADS] (LOW): The script is invoked using `npx -y bun`, which may download the Bun runtime from the npm registry at runtime. This is a standard developer workflow but constitutes a remote dependency fetch.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) as it transforms untrusted user requirements into executable Umple code.
  - Ingestion points: Natural language requirements provided by the user in the prompt.
  - Boundary markers: No specific delimiters or safety warnings are implemented to separate user data from the generation logic.
  - Capability inventory: The `umple` tool processes the generated `.ump` file, which can contain code-based 'actions' or 'guards'.
  - Sanitization: The skill relies on a manual guardrail instructing the agent to keep actions minimal, rather than technical validation.
Audit Metadata