ClawHub

Draw.io CoderKnock - 智能架构图生成器

Security checks across malware telemetry and agentic risk

Overview

This skill generates local Draw.io diagram files and may open Draw.io automatically, which is disclosed and aligned with its purpose.

Install only if you are comfortable with the skill creating local diagram files and opening the local Draw.io application. Use a workspace intended for generated diagrams, and make sure the Draw.io executable on your PATH or system install location is legitimate.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
elif sys.platform == "darwin":
                subprocess.run(["open", str(drawio_file)])
            else:
                subprocess.run([drawio_path, str(drawio_file)])
            return True
        except Exception as e:
            print(f"[ERROR] Failed to open: {e}")
Confidence
85% confidence
Finding
subprocess.run([drawio_path, str(drawio_file)])

Missing User Warnings

Low
Confidence
84% confidence
Finding
The README advertises automatically launching a locally installed Draw.io application without clearly warning the user that a local executable may be started. In an agent/skill context, unexpected local application launch expands the trust boundary and can surprise users, especially if triggered from natural-language requests or automated workflows.

Missing User Warnings

Low
Confidence
92% confidence
Finding
The skill explicitly states it will automatically detect and open the local Draw.io application. Automatically launching a local program without a clear prior warning or explicit user consent can surprise users, trigger unintended local actions, and normalize unsafe agent behavior around executing local applications.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal