skills/jeremylongshore/claude-code-plugins-plus-skills/network-diagram-generator/Gen Agent Trust Hub
network-diagram-generator
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
NO_CODE, COMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill defines a high-risk attack surface by combining broad tool access with the processing of untrusted user input.
- Ingestion points: Ingests user requests, patterns, and best practice inquiries regarding network diagrams.
- Boundary markers: Absent; no instructions are provided to the agent to ignore embedded commands in user-provided network specifications.
- Capability inventory: Granted high-privilege tools including Bash, Write, and Edit in the allowed-tools metadata.
- Sanitization: No sanitization or validation protocols are defined for the input data.
- Command Execution (MEDIUM): The skill requests Bash access for 'Visual Content' and 'Network Diagram' tasks. This violates the principle of least privilege, as generating diagrams (e.g., using Mermaid or Graphviz) typically does not require a shell environment. This access could be abused to perform unauthorized system operations.
- No Code (INFO): The provided skill consists entirely of Markdown metadata and natural language instructions. No executable scripts, binaries, or configuration files are present within the skill definition.
Audit Metadata