umple-diagram-generator

Fail

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: HIGH
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The convertGvToSvg function in scripts/main.ts uses execSync to execute the Graphviz dot command. It constructs the shell command by directly interpolating file paths derived from user-controllable input (--input and --output) without sanitization. This allows for arbitrary command execution if a user provides a filename containing shell metacharacters like double quotes or semicolons.
  • [REMOTE_CODE_EXECUTION]: The skill instructions in SKILL.md use npx -y bun to run the main logic. This involves the dynamic download and execution of the bun package from the NPM registry at runtime.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it transforms untrusted natural language requirements into Umple code. Since Umple allows embedding executable logic in actions and guards, malicious input could result in the generation of a model that executes unauthorized operations during processing.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 18, 2026, 08:08 PM