architecture-diagram
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill focuses on visual artifact generation using localized templates and static assets. No patterns of data exfiltration, prompt injection, or unauthorized command execution were found.
- [DATA_EXFILTRATION]: Network activity is restricted to fetching standard web fonts from Google's official domains, which are well-known services. No attempts to access or transmit sensitive user data were identified.
- [REMOTE_CODE_EXECUTION]: The skill does not include any mechanisms for downloading external scripts or executing remote code.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied architecture descriptions to generate HTML content. While it ingests untrusted data without explicit sanitization or boundary markers, the risk is minimal given the static visual nature of the output. Ingestion points: $ARGUMENTS in SKILL.md. Boundary markers: Absent. Capability inventory: Write tool used for generating .html files. Sanitization: Absent.
Audit Metadata