edu-visual-trace
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to invoke the
doc-mermaid-asciicommand-line tool to generate structural diagrams, which is a core feature of the skill. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface by ingesting arbitrary user-provided concept descriptions. Ingestion points: User input for concept explanation (SKILL.md). Boundary markers: None specified. Capability inventory: Interaction with the
doc-mermaid-asciiCLI tool. Sanitization: No input validation or escaping procedures are defined.
Audit Metadata