Skills
skills/thomast1906/github-copilot-agent-skills/excalidraw-mcp-diagramming/Gen Agent Trust Hub

excalidraw-mcp-diagramming

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill connects to the Excalidraw MCP server at https://mcp.excalidraw.com to perform diagramming tasks.\n- [COMMAND_EXECUTION]: The export_to_image and export_scene tools allow saving data to a local filePath. This tool could be manipulated to perform unauthorized file system writes if an attacker provides a malicious path through indirect injection.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it processes untrusted inputs while possessing sensitive capabilities.\n
  • Ingestion points: Ingests untrusted data via user requests and the mermaidDiagram parameter in create_from_mermaid (SKILL.md).\n
  • Boundary markers: There are no explicit instructions or delimiters defined to distinguish diagram data from instructions.\n
  • Capability inventory: Includes tools for local file system writes and interaction with an external network service (SKILL.md).\n
  • Sanitization: No evidence of sanitization or path validation is present in the skill's instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 03:15 PM