artifact-diagram
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill architecture is designed to produce secure, static artifacts. By using inline SVG and local CSS rather than external libraries or scripts, the skill minimizes the potential for remote code execution or data exfiltration via the generated files.
- [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it interpolates user input into HTML templates for diagram titles and labels.
  - Ingestion points: The main instruction file SKILL.md defines triggers based on user requests for diagrams.
  - Boundary markers: HTML templates like templates/flowchart.html use simple placeholders without explicit boundary delimiters or 'ignore' instructions for the agent.
  - Capability inventory: The skill is confined to text and SVG generation within a single HTML file; it does not include executable scripts, network access tools, or file system manipulation capabilities.
  - Sanitization: No specific instructions are provided for sanitizing or escaping user-provided data before it is rendered in the final artifact.