The Agent Skills Directory

[SAFE]: The skill operates as intended for code diagramming. All operations are local to the user's project directory and utilize the vendor's own 'trailmark' library.
[EXTERNAL_DOWNLOADS]: The skill suggests installing the 'trailmark' package via 'uv pip install trailmark' if missing. This is a standard dependency installation for the tool's functionality.
[COMMAND_EXECUTION]: The skill runs 'uv run' to execute local scripts and analysis commands. These actions are restricted to the provided target directory and are necessary for generating code visualizations.
[DATA_EXFILTRATION]: No network calls or data transmission patterns were found. The tool focuses on local code analysis and generates text-based diagrams for display within the agent's response.
[PROMPT_INJECTION]: No malicious instructions or bypass attempts were found. The skill provides clear guidance on how to use the diagramming tools correctly.
[INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted source code from the target directory to generate diagrams. Ingestion points include the target source files, and the output is wrapped in Mermaid code fences. Capability inventory includes local script execution via 'uv run'. The skill applies sanitization to node IDs and labels to ensure valid Mermaid syntax, which also serves to reduce potential injection risks into the diagram viewer.

diagramming-code