drawio-diagram
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill includes a Python script (`scripts/download_reference_set.py`) that fetches design guidelines and images from official, well-known domains including openai.com, anthropic.com, and vercel.com. These downloads are used to populate a local reference set for the AI to follow.
- [COMMAND_EXECUTION]: The skill uses shell commands to find and run the `drawio` desktop CLI for exporting diagrams to PNG, SVG, or PDF formats. It also uses `npx` to execute community-standard tools like `@drawio/postprocess` and `@hediet/drawio-export` when the desktop app is not available.
- [SAFE]: No indicators of prompt injection, data exfiltration, or malicious obfuscation were found. The skill's behavior is consistent with its stated purpose of improving diagram authoring quality.
Audit Metadata