diagram

SUSPICIOUS. The core diagram capability is legitimate and mostly offline, but this skill is bundled with a large gstack control plane that reads broad local state, writes analytics, may sync artifacts remotely, and can modify repo files and commits unrelated to making a diagram. Same-org provenance lowers malware confidence, but the scope is disproportionate to the skill's stated purpose.