diagramming
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of Markdown documentation and JSON schema specifications. There are no scripts, binaries, or configuration files that execute code.
- [Indirect Prompt Injection] (LOW): The skill defines elements that can contain arbitrary text and HTML (specifically the 'Magic Frame' custom data). This represents an attack surface where a malicious diagram could attempt to influence the agent's behavior if the agent parses and acts upon the content of an existing diagram.
- Ingestion points: Reading/processing existing .excalidraw files or user-provided diagram descriptions.
- Boundary markers: None specified in the documentation.
- Capability inventory: None (the skill has no code to execute actions).
- Sanitization: None mentioned for text or HTML fields.
- [Data Exposure & Exfiltration] (LOW): The Excalidraw schema includes support for clickable URLs (
linkproperty) and Base64-encoded image data (dataURL). While these are standard features of the diagram format, they could be leveraged for phishing or data exfiltration if the agent is manipulated into placing sensitive information into these fields.
Audit Metadata