system-design-visualizer-tool

Warn

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to clone and execute code from an external GitHub repository (github.com/mallahyari/system-design-visualizer).
  • [PROMPT_INJECTION]: The skill processes untrusted image data through an AI model without adequate boundary markers, making it susceptible to indirect prompt injection if an image contains malicious text instructions.
  • Ingestion points: ImageUploader component in SKILL.md accepts external images.
  • Boundary markers: Absent; the prompt for analyzeSystemDesign does not include instructions to ignore instructions found within the uploaded image.
  • Capability inventory: The setup process involves running shell commands (npm install, npm run dev) for the cloned project.
  • Sanitization: The skill parses AI-generated code snippets using regular expressions and renders AI-provided metadata without explicit sanitization.
  • [COMMAND_EXECUTION]: The documentation provides shell commands for cloning repositories and installing dependencies.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 17, 2026, 06:50 PM