skills/jgraph/drawio-mcp/drawio/Gen Agent Trust Hub

drawio

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to use shell commands to export diagrams via the Draw.io desktop application CLI and to open generated files using system-specific utilities like open, xdg-open, or cmd.exe. These commands are standard for the tool's intended use of creating and viewing diagrams.
  • [EXTERNAL_DOWNLOADS]: The skill references an external XML documentation guide at https://raw.githubusercontent.com/jgraph/drawio-mcp/main/shared/xml-reference.md. This is a legitimate documentation resource hosted on the official GitHub repository belonging to the author/vendor (jgraph).
  • [SAFE]: The skill employs environment detection (e.g., checking /proc/version for WSL2) to correctly configure executable paths and command syntax across different operating systems, which is a common practice for multi-platform developer tools.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 07:07 PM
Security Audit — agent-trust-hub — drawio