technical-svg-diagrams
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (MEDIUM): The script
scripts/create-html.tsperforms raw injection of SVG content into an HTML template used for high-quality rendering.\n - Ingestion points: The script reads content from a file path provided via the
--svgargument.\n - Boundary markers: None present; the SVG content is directly embedded into the HTML structure.\n
- Capability inventory: The generated HTML is intended to be opened by
agent-browser, a high-capability tool with network access and potential local file visibility.\n - Sanitization: No sanitization or validation of the SVG XML is performed, allowing
<script>tags or malicious event handlers to persist in the output HTML.\n- [Command Execution] (LOW): The documentation inSKILL.mdincludes various shell command examples for image conversion and environment setup.\n - Evidence: Usage of
uvx,convert(ImageMagick), andrsvg-convertis recommended for exporting diagrams.\n- [External Downloads] (LOW): The skill instructions recommend installing external dependencies from public registries and system package managers.\n - Evidence: Mentions of
uvx --from cairosvg,brew install cairo, andapt install libcairo2-dev.
Audit Metadata