excalidraw-render
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses
npx @swiftlysingh/excalidraw-clito perform image rendering. This pattern downloads and executes code from a third-party npm package at runtime without a pinned version, which introduces a dependency on an external, unverified source. - [COMMAND_EXECUTION]: The skill executes shell commands via
npxto convert Excalidraw JSON files to PNG images. This execution is gated by the agent's logic but relies on file paths and content influenced by user input. - [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted user data to generate diagrams.
- Ingestion points: User-provided ASCII sketches, descriptions, component lists, and screenshots are processed in the workflow defined in
SKILL.md. - Boundary markers: Absent. The skill instructions do not specify any delimiters or instructions to ignore embedded commands within the user's diagram descriptions.
- Capability inventory: The skill can execute shell commands (
npx), write files (.excalidraw), and read files (.png). - Sanitization: Absent. There is no evidence of input validation or escaping before the user data is incorporated into the layout brief and passed to sub-agents.
Audit Metadata