draw-io
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a set of local utilities and guidelines for diagram management. All actions, including shell script execution (
scripts/convert-drawio-to-png.sh) and Python script execution (scripts/find_aws_icon.py), are transparent and restricted to the local environment and the skill's own reference files. - [COMMAND_EXECUTION]: The skill uses
mise execandpre-committo run conversion tasks. These are standard development tools and are used here within the context of the user's explicit request to convert files. - [EXTERNAL_DOWNLOADS]: The conversion script relies on the
drawioCLI being installed on the system. It does not attempt to download or install this dependency itself. TheSKILL.mdfile references official documentation and repositories for icons and tools, which is informative and safe. - [DATA_EXFILTRATION]: No network activity or sensitive data access patterns were identified. The scripts strictly process local
.drawiofiles and read from the skill's ownreferences/directory.
Audit Metadata