patent-diagram-generator

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [Privilege Escalation] (MEDIUM): The skill documentation explicitly suggests using 'sudo apt install' for dependency resolution. An agent with the 'Bash' tool may attempt to execute these high-privilege commands autonomously to satisfy environment requirements, potentially bypassing intended user control.
  • [Indirect Prompt Injection] (LOW): The skill takes user input to generate DOT code for rendering diagrams. Ingestion points: User-provided labels in steps and blocks. Boundary markers: None identified in DOT generation examples. Capability inventory: Bash, Write, and Read tools. Sanitization: No evidence of escaping or sanitizing special characters in labels, which could allow an attacker to inject DOT directives.
  • [Unverifiable Dependencies] (LOW): Relies on external installation of Graphviz and the graphviz Python package without version pinning or integrity verification, which is a standard but noteworthy supply chain dependency.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:13 PM