excalidraw-skill
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to set up an external backend server by cloning a repository from GitHub (
github.com/yctimlin/mcp_excalidraw). - [COMMAND_EXECUTION]: Includes a suite of Node.js scripts (
scripts/*.cjs) that interact with the canvas API and the local filesystem to import/export diagram data using standard Node.js APIs likefetchandfs. - [DATA_EXFILTRATION]: Provides an explicit tool and workflow (
export_to_excalidraw_url) for uploading diagram data to the well-knownexcalidraw.comservice to generate shareable links. - [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected. The skill's capabilities are transparently documented and consistent with its primary purpose of diagram automation.
Audit Metadata