html-diagram
Pass
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The instructions focus purely on visualization and UI design. No patterns involving behavior overrides, safety filter bypasses, or disregard for previous instructions were identified.
- [DATA_EXFILTRATION]: No attempts to access sensitive system files (e.g., SSH keys, AWS credentials) or environment variables were found. Network activity is limited to standard examples within code snippets, and actual executed scripts perform only local actions like clipboard copying or local file downloads.
- [REMOTE_CODE_EXECUTION]: The skill is explicitly self-contained and does not use any package managers or remote script execution (e.g., curl | bash). There are no external runtime dependencies.
- [COMMAND_EXECUTION]: No shell commands or privileged operations (e.g., sudo, chmod) are requested or used within the instructions or scripts.
- [SAFE]:
- The skill uses standard browser features like
localStoragefor theme persistence (found inarchitecture-example.html). - Interactivity is handled via native JavaScript for UI logic (e.g., drag-and-drop in
18-editor-triage-board.htmlor state toggling in07-prototype-animation.html). - Vendor-related resources (e.g.,
workspaces.plannotator.ai) are used appropriately for architectural documentation examples.
Audit Metadata