Skills
skills/agents365-ai/365-skills/tldraw-skill/Gen Agent Trust Hub

tldraw-skill

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes several system commands to fulfill its functionality. These include dependency management via npm install, directory creation using mkdir -p, and diagram processing using the tldraw CLI. It also utilizes platform-specific commands such as open (macOS), xdg-open (Linux), and start (Windows) to allow users to preview generated files.
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs the @kitschpatrol/tldraw-cli package from the public npm registry to enable diagram exporting capabilities.
  • [REMOTE_CODE_EXECUTION]: The skill implements a self-maintenance workflow that checks for newer versions using git ls-remote. If an update is detected, it offers to perform a git pull to update the skill's own instructions and logic. This mechanism is transparent, as it explicitly asks for user permission before modifying the skill directory.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 01:30 PM