external-diagram-visual-generate

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script scripts/check-prerequisites.sh includes an optional instruction to download and install the uv Python tool from its official source at https://astral.sh/uv/install.sh. This is a well-known developer utility from a reputable technology provider.
  • [COMMAND_EXECUTION]: The skill executes local commands for image generation and display.
      • Evidence: scripts/generate_image.py calls subprocess.run with the open command to display generated images in the macOS Preview application. The command is passed as a list of arguments, which prevents shell injection.
      • Evidence: The skill invokes the gemini CLI tool for low-resolution drafts.
  • [REMOTE_CODE_EXECUTION]: The skill utilizes the @google/gemini-cli Node.js package, which is an official tool from a trusted organization.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 26, 2026, 12:31 PM