skills/akillness/jeo-skills/drawio/Gen Agent Trust Hub

drawio

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Downloads the core logic and diagram presets from the upstream repository Agents365-ai/drawio-skill via git clone or the npx skills installation utility.
  • [COMMAND_EXECUTION]: Orchestrates the installation of the draw.io desktop CLI and Graphviz using system package managers like brew (macOS) and apt-get (Linux), including the use of sudo for system-level installation.
  • [COMMAND_EXECUTION]: Executes a suite of local Python scripts (pyimports.py, autolayout.py, shapesearch.py, etc.) to extract codebase metadata and generate diagram XML files.
  • [PROMPT_INJECTION]: The skill processes external codebase files to generate diagrams, creating a surface for indirect prompt injection where malicious instructions embedded in the analyzed source code could attempt to influence the agent.
  • Ingestion points: Source code ingestion via pyimports.py, jsimports.py, goimports.py, and rustimports.py (SKILL.md, Step 4).
  • Boundary markers: Absent; the skill does not explicitly define delimiters to separate codebase content from instructions.
  • Capability inventory: The skill utilizes Bash, Read, Write, and WebFetch tools (SKILL.md, allowed-tools).
  • Sanitization: Not identified; codebase contents are processed for structural metadata without explicit filtering of natural language instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:06 AM
Security Audit — agent-trust-hub — drawio