architecture-diagram-creator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill creates a high-risk attack surface by processing untrusted user requests while holding execution and filesystem modification permissions.
    * Ingestion points: User requests regarding architecture diagrams, patterns, and visual content.
    * Boundary markers: Absent; no delimiters or 'ignore' instructions are provided to separate user-provided data from system instructions.
    * Capability inventory: Access to 'Bash' for shell execution and 'Write'/'Edit' for modifying local files.
    * Sanitization: Absent; no validation or escaping logic is defined for input strings.
  • Command Execution (HIGH): The skill explicitly allows the 'Bash' tool within its metadata. Without restrictive prompt engineering or input filtering, this capability allows for the execution of arbitrary commands if the agent is manipulated by malicious user input.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 05:15 AM