processon-diagram-generator
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a version integrity check using a remote JSON file hosted on the vendor's official GitHub repository.
- [SAFE]: The skill uses an API client to communicate with the official ProcessOn domain for diagram generation and rendering. Authentication is handled securely via user-defined environment variables.
- [SAFE]: Installation and update instructions utilize the official vendor repository, ensuring the chain of trust is maintained.
- [PROMPT_INJECTION]: The skill processes natural language prompts into API requests. It lacks explicit boundary markers or sanitization for user input entering the prompt chain (ingestion point: user prompts in SKILL.md; capability: network access and script execution in processon_api_client.py; sanitization: none). However, this is consistent with its primary purpose and does not pose a threat to the execution environment.
Audit Metadata