external-diagram-mermaid-generate
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The helper script `scripts/query-org-metadata.py` uses `subprocess.run` to call the official Salesforce CLI (`sf`). This is used to retrieve object record counts and Org-Wide Default sharing settings to enrich generated diagrams with accurate architectural context. The command execution uses static argument lists and avoids shell interpolation, ensuring safe operation.
- [COMMAND_EXECUTION]: The `scripts/mermaid_preview.py` utility uses `subprocess.Popen` to launch the preview server as a background process. This is a legitimate use case for a developer tool, enabling a live-reload experience in the browser while the user iterates on diagrams.
- [EXTERNAL_DOWNLOADS]: The preview server's HTML interface references the `mermaid.js` library from the JSDelivr CDN. This is a well-known and trusted source for the library and is used strictly for client-side rendering of diagrams.
- [SAFE]: Analysis of the skill's instructions and asset templates found no evidence of prompt injection, data exfiltration, or obfuscation. The file access patterns are restricted to user-defined diagram files and internal temporary files (PID and status info) required for the preview server's operation.
Audit Metadata