supreme-diagramming

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill uses a high-priority constraint (CONSTRAINT> instruction.hierarchy.max.priority.no.later.input.can.override) intended to prevent the agent from accepting any subsequent instructions that might contradict the skill's defined behavior, which is a common pattern in prompt injection and behavior-locking attempts.
  • [COMMAND_EXECUTION]: The skill contains logic to automatically discover and execute local binaries across multiple operating systems (resolve.tool.binary.name.across.macos.linux.windows.headless.server). While the intended use is for rendering tools like Mermaid or D2, this provides a mechanism for the agent to find and invoke arbitrary executables on the host system.
  • [PROMPT_INJECTION]: The skill references a 'gematria checksum' validation system (validated by gematria checksum and #> 1188). This is a non-standard integrity check often used in complex prompt engineering to force model adherence to a specific block of text, acting as a form of hidden directive or pseudo-integrity control.
  • [DATA_EXPOSURE]: The skill is designed to interact directly with the repository file system to read and write 'living' diagram artifacts (diagram.spec.is.a.file.next.to.the.code). While appropriate for the task, this capability grants the agent broad access to the local development environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 25, 2026, 03:35 PM