org-chart-creator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH - COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is designed to process external content such as org chart patterns and visual documentation requests. It lacks boundary markers or sanitization logic to separate data from instructions. Ingestion points: User-provided org chart descriptions and diagram patterns. Boundary markers: None specified in the instructions. Capability inventory: Access to Bash, Write, Edit, Read, and Grep tools. Sanitization: None mentioned. This combination allows a malicious payload within a diagram description to potentially trigger arbitrary commands via the allowed Bash tool.
- [Command Execution] (MEDIUM): The skill explicitly requests allowed-tools: Bash and Write. While potentially useful for generating SVG or Mermaid files, granting shell access to a skill that handles untrusted visual content descriptions is a violation of the principle of least privilege and significantly increases the risk of system compromise.
Recommendations
- AI detected serious security threats
Audit Metadata