diagram
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a standard workflow for generating and rendering visual diagrams using a local CLI tool (
snip). It adheres to security best practices by using a dedicated temporary directory (~/.snip/tmp/) for intermediate files. - [COMMAND_EXECUTION]: The skill uses the
snip rendercommand to process Mermaid and HTML source files. This execution is limited to the defined rendering task and does not include patterns for shell injection or arbitrary command execution. - [PROMPT_INJECTION]: The skill describes an indirect prompt injection surface as it ingests untrusted data from the conversation context to generate diagrams. However, it incorporates mitigation by explicitly stating that the HTML rendering environment is sandboxed and prevents the execution of scripts or canvas-based JavaScript.
- Ingestion points: Reads conversation context to determine diagram content (SKILL.md).
- Boundary markers: Explicit instructions define the scope of visualization and file formats.
- Capability inventory: Uses the file-write tool and bash command execution for rendering (SKILL.md).
- Sanitization: Employs sandboxing for HTML previews to prevent executable code injection.
Audit Metadata