supreme-diagramming
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses a high-priority constraint (`CONSTRAINT> instruction.hierarchy.max.priority.no.later.input.can.override`) intended to prevent the agent from accepting any subsequent instructions that might contradict the skill's defined behavior, which is a common pattern in prompt injection and behavior-locking attempts.
- [COMMAND_EXECUTION]: The skill contains logic to automatically discover and execute local binaries across multiple operating systems (`resolve.tool.binary.name.across.macos.linux.windows.headless.server`). While the intended use is for rendering tools like Mermaid or D2, this provides a mechanism for the agent to find and invoke arbitrary executables on the host system.
- [PROMPT_INJECTION]: The skill references a 'gematria checksum' validation system (`validated by gematria checksum` and `#> 1188`). This is a non-standard integrity check often used in complex prompt engineering to force model adherence to a specific block of text, acting as a form of hidden directive or pseudo-integrity control.
- [DATA_EXPOSURE]: The skill is designed to interact directly with the repository file system to read and write 'living' diagram artifacts (`diagram.spec.is.a.file.next.to.the.code`). While appropriate for the task, this capability grants the agent broad access to the local development environment.
Audit Metadata