baoyu-diagram
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses clear, instructional language to define diagram routing and generation. There are no attempts to override safety guardrails or extract system prompts.
- [DATA_EXFILTRATION]: There is no evidence of network-enabled tools (e.g., curl, wget) or commands that access sensitive credentials. The skill does not communicate with external endpoints.
- [COMMAND_EXECUTION]: The skill's operations are confined to generating SVG strings and saving them to a local 'diagram/' directory. No arbitrary shell command execution or privilege escalation vectors were identified.
- [REMOTE_CODE_EXECUTION]: The skill does not download or execute external scripts. It relies entirely on built-in logic and provided reference documentation to construct diagram markup.
- [INDIRECT_PROMPT_INJECTION]: The skill is capable of reading user-specified markdown files as source material. While this presents a potential surface for indirect injection, the skill's multi-step planning and layout workflow (Step 4) forces the agent to treat input as data to be structured, providing a natural defense against behavioral hijacking.