excalidraw-diagram-generator
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes Python scripts (
add-arrow.py,add-icon-to-diagram.py,split-excalidraw-library.py) to perform diagram editing and library management. These scripts perform local file operations including reading, writing, and renaming. Safety checks are implemented to restrict file modifications primarily to the.excalidrawformat, and filename sanitization is used to prevent path traversal. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It ingests untrusted data from Excalidraw library files (
.excalidrawlib) viasplit-excalidraw-library.pyand processes them into reference files (reference.md) and individual icon JSON files that the AI agent subsequently parses. Maliciously crafted library items could embed instructions within icon names or metadata to influence the agent's behavior. No explicit boundary markers or warnings are used in the generated reference documents to mitigate this risk. - [EXTERNAL_DOWNLOADS]: The documentation references
https://libraries.excalidraw.com/for downloading icon libraries. This is an established and official resource for Excalidraw users and is treated as a safe external source for manual downloads of diagram components.
Audit Metadata