skills/tychohq/agent-skills/diagrams/Gen Agent Trust Hub

diagrams

Fail

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: The script render-elk.mjs is vulnerable to command injection through its use of execSync with unsanitized filenames. When the --png flag is enabled, filenames from the input directory are interpolated directly into a shell command for the sips utility. An attacker who can place files with malicious names containing shell command substitution (e.g., $(whoami).json) in the target directory can achieve arbitrary code execution on the host system.
  • [COMMAND_EXECUTION]: The skill uses createRequire(process.cwd() + '/') to dynamically load the elkjs dependency from the user's current working directory. This pattern can lead to the execution of untrusted code if the agent is operating within a compromised project directory where the local node_modules folder has been tampered with.
  • [EXTERNAL_DOWNLOADS]: The skill instructions in SKILL.md require the user to manually install the elkjs package from the npm registry, which is an external dependency necessary for the rendering script to function.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 26, 2026, 03:58 AM