drawio
Warn
Audited by Socket on Jun 17, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the core diagramming purpose is coherent and the draw.io CLI source appears official, but the wrapper materially expands trust by instructing transitive installation of external skill bundles and a referenced local installer script. There is no clear credential theft or exfiltration, so this is not malicious, but the install/execution footprint is broader than a simple diagram helper.
Confidence: 100%Severity: 60%
Audit Metadata