diagram-gen
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill uses 'npx ai-diagram' to download and execute code at runtime. This package does not originate from a verified vendor or trusted organization.
- [COMMAND_EXECUTION]: Execution of shell commands is used to run the diagram generation tool against local directories.
- [EXTERNAL_DOWNLOADS]: The 'npx' command triggers a download of the 'ai-diagram' package from the npm registry.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes content from the local file system using an LLM.
- Ingestion points: Source files located in the target directory (e.g., './src/') are read and processed.
- Boundary markers: Absent; there are no instructions or delimiters provided to ensure the LLM ignores instructions embedded within the analyzed source code.
- Capability inventory: The skill performs subprocess calls via 'npx' and accesses the local file system.
- Sanitization: No evidence of sanitization or filtering of external source content before it is passed to the generation process.
Audit Metadata