excalidraw

This artifact is a benign operational policy that prescribes delegation of Excalidraw file handling to subagents to avoid exhausting main-agent context. It does not contain explicit malicious code or external network calls. Primary risks are operational: transitive trust in subagents, potential overprivilege (unrestricted file reads/writes), and lack of explicit sandboxing, logging, or sanitization requirements which could enable data leakage or misuse. Recommended mitigations: enforce least-privilege and sandboxing for subagents, restrict filesystem paths and disable network access for subagent processes, require explicit user confirmation for file writes or destructive changes, avoid logging raw JSON, and sanitize extracted text to mitigate injection attempts. Overall assessment: low probability of direct malware but moderate security risk due to operational/execution assumptions.