skills/jeremylongshore/claude-code-plugins-plus-skills/technical-diagram-analyzer/Gen Agent Trust Hub
technical-diagram-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted visual content and diagrams while maintaining high-privilege tool access without defined safety boundaries.
- Ingestion points: Processes user-provided technical diagrams, charts, and visual documentation tools (SKILL.md).
- Boundary markers: Absent. There are no instructions for the agent to distinguish between its own system instructions and instructions potentially embedded in the diagrams or code being analyzed.
- Capability inventory: Access to
Bash,Write,Edit,Read, andGrep. This combination allows for significant system modification and command execution (SKILL.md). - Sanitization: Absent. The skill does not define validation or escaping protocols for data extracted from visual inputs before processing them through high-privilege tools.
Audit Metadata