create-workflow-diagram
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local commands to manage the diagram lifecycle, including running a Node.js script (
screenshot-diagram.js) for image capture and performing environment setup usingnpmandnpx. - [EXTERNAL_DOWNLOADS]: To facilitate diagram rendering, the skill installs the Playwright automation framework and the Chromium browser binary from Microsoft. It also fetches typography resources from Google's official font CDN at runtime.
- [PROMPT_INJECTION]: The skill processes untrusted user-provided workflow descriptions in
SKILL.mdwithout explicit boundary markers or sanitization logic. This constitutes an indirect prompt injection surface where malicious inputs could attempt to influence the agent's parsing behavior or the generated HTML content, though the risk is mitigated by the restricted nature of the output generation.
Audit Metadata