Back to skill

Security audit

Drawio Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed diagram-generation helper that writes local draw.io files and uses local/export tools in ways that fit its purpose.

Install if you want a local draw.io diagram workflow. Expect it to create files in your working directory or requested output path, read selected code folders when asked to visualize code structure, optionally contact icon CDNs or diagrams.net for browser fallback, and store style presets in ~/.drawio-skill/styles only for style-management flows.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The activation criteria are so broad that the skill may trigger proactively for many ordinary explanatory requests, not just explicit requests to create diagrams. Overbroad auto-selection increases the likelihood of unnecessary file writes, shell calls, code scanning, or network operations occurring in contexts where the user did not intend to invoke such a powerful skill.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The workflow directs the agent to write .drawio and export files to disk by default, but it does not require clear prior notice or consent from the user. Silent filesystem modification is risky because it can overwrite existing content, create artifacts in sensitive directories, or surprise users in shared or automated environments.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The skill instructs auto-launching local files and opening browser URLs without an explicit safety prompt. Opening files or URLs can trigger unexpected application behavior, leak metadata to external sites, or create a path for social engineering if the generated target is influenced by untrusted input.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.