architecture-diagram

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a bash script scripts/export.sh used to convert diagrams to PNG or PDF formats.
      • The script implements a security check to verify that the output path is within the current working directory (ALLOWED_DIR), which prevents directory traversal attacks.
      • It uses standard system utilities like mktemp for temporary file handling and sed for content extraction.
  • [EXTERNAL_DOWNLOADS]: The scripts/export.sh script automates the installation of the @resvg/resvg-js dependency from the npm registry if it is missing.
      • This dependency is a well-known, high-performance SVG rendering library.
      • The installation is scoped to the skill's own script directory and is necessary for the core functionality of exporting images.
  • [SAFE]: The core instructions in SKILL.md contain a mandatory security rule for the agent to HTML-entity-escape all user-supplied text inserted into labels, titles, and descriptions.
      • This proactive measure effectively mitigates the risk of Cross-Site Scripting (XSS) in the generated HTML and SVG outputs.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 05:44 AM