excalidraw-skill

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill setup process involves cloning a repository from the author's GitHub account (github.com/wise-toddler/mcp_excalidraw).
  • [COMMAND_EXECUTION]: The setup script executes shell commands including npm install, npm run build, and bash launch.sh to initialize the canvas server.
  • [DATA_EXFILTRATION]: CLI scripts (e.g., scripts/healthcheck.cjs, scripts/export-elements.cjs) use fetch to interact with a server URL provided via command-line arguments, which could be directed to external endpoints.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) when processing untrusted diagram data.
      • Ingestion points: create_from_mermaid (Mermaid diagram strings), import_scene (canvas state files), and describe_scene (reading labels and elements from the canvas).
      • Boundary markers: None identified in the provided instructions or tool definitions.
      • Capability inventory: Element CRUD operations (creation, update, deletion) on the live canvas and local file system writes via export_scene and export-elements.cjs.
      • Sanitization: No explicit sanitization or validation of input data is present in the provided scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 11:41 AM