excalidraw
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No malicious override or bypass patterns detected. Instructional language uses keywords like 'CRITICAL' for layout accuracy, which is benign context.
- Data Exposure & Exfiltration (SAFE): The skill writes to a local output path (/mnt/user-data/outputs/) and does not perform network operations or access sensitive system files.
- Obfuscation (SAFE): Base64 strings found in documentation are standard PNG headers used for illustrative purposes in the image element schema.
- Indirect Prompt Injection (SAFE): The skill does not ingest external untrusted data; it solely processes the user's direct instructions to create visual diagrams.
Audit Metadata