processon-diagramgen

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates as described, converting user prompts into professional diagrams via the ProcessOn API. All network communications are directed to the official domain smart.processon.com.
  • [DATA_EXPOSURE_&_EXFILTRATION]: The skill requires a PROCESSON_API_KEY for authentication in its fallback mode. It correctly instructs users to supply the key through the PROCESSON_API_KEY environment variable and explicitly states that it does not collect keys in the chat or modify environment variables automatically, which is a secure practice.
  • [COMMAND_EXECUTION]: The skill includes a Python script (scripts/processon_api_client.py) that handles API requests and image saving. The script uses standard libraries and does not execute arbitrary shell commands or process untrusted code.
  • [INDIRECT_PROMPT_INJECTION]: While the skill processes user-supplied text and images to generate diagrams (an ingestion surface), the risk is minimal. The generated content is returned as a static image or a DSL string, and the skill includes instructions to optimize the prompt with professional constraints, which helps guide the output toward the intended purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 10:57 AM