canvas
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONNO_CODE
Full Analysis
- [DATA_EXFILTRATION] (LOW): The 'file' node type defined in SKILL.md and references/syntax.md provides a mechanism for the agent to reference local file paths in diagram output. This represents a potential surface for indirect prompt injection. Mandatory Evidence Chain: 1. Ingestion points: 'file' and 'url' attributes within generated JSON blocks. 2. Boundary markers: Absent for JSON node content. 3. Capability inventory: No scripts included; risk is limited to agent output manipulation. 4. Sanitization: No path validation or sanitization instructions provided to the agent.
- [NO_CODE] (SAFE): The skill consists exclusively of markdown documentation and syntax examples. It does not contain any executable scripts, binaries, or package dependencies.
Audit Metadata