Back to skill

Security audit

Excalidraw Diagram Generator

Security checks across malware telemetry and agentic risk

Overview

This skill coherently renders Excalidraw JSON into PNG diagrams using a local Node.js renderer, with no evidence of hidden data access or malicious behavior.

Install this if you are comfortable with a skill that runs local Node.js code, installs npm dependencies, and downloads fonts during setup. Treat generated diagrams as local files that may remain in /tmp, and avoid putting secrets or confidential architecture details into diagrams unless that handling is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill explicitly instructs use of a shell command (`node <skill_dir>/scripts/render.js ...`) but declares no corresponding permissions, creating a capability/permission mismatch. This is risky because it can cause users or hosting systems to execute code without clear disclosure or policy gating, even though the command itself appears consistent with the diagram-rendering purpose of the skill.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The workflow writes user-generated diagram data to `/tmp/<name>.excalidraw`, renders a PNG, and then sends that file, but the description does not disclose local filesystem writes or outbound file transmission. This lack of transparency can lead to unintended handling of sensitive user content, especially if diagrams contain confidential architecture, credentials, or internal process information.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.