skills/akillness/oh-my-skills/drawio/Gen Agent Trust Hub

drawio

Warn

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The installation script scripts/install.sh uses sudo apt-get install to install system-level dependencies like Graphviz on Linux, which involves executing commands with elevated privileges.
  • [EXTERNAL_DOWNLOADS]: The skill configuration and instructions direct the agent to download and install third-party code from the Agents365-ai GitHub organization via npx skills add and git clone operations.
  • [PROMPT_INJECTION]: The skill design presents an indirect prompt injection surface as it ingests and processes potentially untrusted external data (natural language descriptions and local source code) without documented sanitization. * Ingestion points: Natural language input and local codebase files (Python, JS/TS, Go, Rust) processed by scripts like pyimports.py and jsimports.py. * Boundary markers: Not present; the instructions do not specify any delimiters or instructions to ignore embedded commands within the processed data. * Capability inventory: The skill utilizes the Bash, Read, Write, Edit, and WebFetch tools, providing a wide range of actions that could be exploited by injected instructions. * Sanitization: There is no evidence of input validation or content escaping before the data is interpolated into the workflow.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 17, 2026, 09:39 AM
Security Audit — agent-trust-hub — drawio