make-erd
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external sources such as PRDs and requirement definitions to generate diagrams.
- Ingestion points: Data enters the agent context through user prompts or uploaded files in formats like .md, .pdf, .txt, and .mmd (SKILL.md, README.md).
- Boundary markers: The instructions do not define specific delimiters or guardrails to prevent the agent from obeying instructions that might be embedded within the processed documentation.
- Capability inventory: The skill's primary capabilities include creating directories and writing Mermaid (.mmd) files to the local file system (SKILL.md).
- Sanitization: There is no evidence of input validation or sanitization routines to filter out malicious instructions from the source documents.
Audit Metadata