skills/rinbarpen/vibe-coding/drawio/Gen Agent Trust Hub

drawio

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill configuration in .mcp.json and installation scripts (install.sh, install.bat) use npx to fetch and execute the @next-ai-drawio/mcp-server package from the npm registry. This package is the core component for the skill's functionality.
  • [COMMAND_EXECUTION]: Shell commands are used within the installation scripts to verify the environment and check package versions using npm view. The MCP server is launched as a subprocess.
  • [PROMPT_INJECTION]: The skill extracts diagram data from untrusted user text and images, creating a surface for indirect prompt injection. It attempts to mitigate this through structured output and sanitization.
      • Ingestion points: User-provided descriptions and images processed through the 'A–H' format extraction prompts.
      • Boundary markers: Uses a deterministic 'A–H' section structure to define the diagram components.
      • Capability inventory: Manage browser sessions, create/edit diagram XML, and export files to the local system.
      • Sanitization: Implements validateMathText and escapeXmlAttr in src/math/index.js to reject HTML tags in labels and escape XML attributes, mitigating potential XSS and diagram structure corruption.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 02:10 AM