Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

D2 Diagram Creator

v1.0.0

Generate D2 diagram code supporting flowcharts, system architecture diagrams, organizational charts, service topology diagrams, state machine diagrams, swiml...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign

OpenClaw: Suspicious (medium confidence)

Purpose & Capability
The skill claims to generate D2 diagrams and the repo contains detailed generator/validator guidance, which is coherent. However the SKILL.md and validator expect the 'd2' CLI (and optionally Tala) and to run 'd2' commands, yet the registry metadata declares no required binaries. At minimum the skill should declare 'd2' (and 'python' to run the helper script) as required binaries. The README also recommends piping an external install script (curl | sh) which is not reflected in install metadata.
Instruction Scope
Runtime instructions are largely scoped to files under <skill-base-path> and to invoking the d2 CLI to validate and export diagrams. However the validator explicitly instructs running the included scripts/remove_watermark.py to remove a Tala watermark and states this is mandatory for Tala SVGs. The skill tells the agent to run external CLI commands and a local Python script that is not shown here — running an opaque script that modifies output files raises risk (could alter files, remove attribution, or perform other actions). The SKILL.md otherwise does not ask the agent to read unrelated user files or secrets.
Install Mechanism
There is no formal install spec (instruction-only skill), which minimizes automatic disk writes. However README suggests installing D2 via piping an external script (curl -fsSL https://d2lang.com/install.sh | sh -s --). That install recommendation is high-risk behavior if the user follows it blindly. The included codebase itself has no heavy install step, but the skill expects an external binary to be present.
Credentials
The skill requests no environment variables, secrets, or config paths. It does not require any cloud credentials or unrelated tokens. This is proportionate to its stated purpose (diagram generation).
Persistence & Privilege
The skill is not always-enabled and does not request special privileges or claim to modify other skills or global agent settings. It will run CLI tools and a bundled Python script within the skill directory, which is normal for an instruction-only skill.
What to consider before installing
Key things to consider before installing or running this skill:

- The SKILL.md/validator expect the 'd2' CLI (and optionally the Tala engine) and to run 'd2' commands, but the skill metadata does not declare required binaries — ensure you have d2 installed separately and that you trust the install source before running any 'curl | sh' installer.
- The skill includes a scripts/remove_watermark.py and the validator forces running it to remove Tala watermarks. Inspect the full contents of that script before running it (look for network calls, file exfiltration, or unexpected behavior). If you are not comfortable, do not run it or run it in an isolated environment.
- Avoid blindly executing remote install commands from README (curl | sh). Prefer reviewing the installer or using official package managers or vendor-provided packages.
- If you want higher assurance, ask the publisher to: (1) declare required binaries (d2, python) in metadata, (2) include the full remove_watermark.py content in the skill description with an explanation of exactly what it changes, and (3) avoid mandating watermark removal or clearly explain legal/licensing implications.
- If you share the contents of scripts/remove_watermark.py here (or allow me to inspect it), I can reassess and likely raise confidence to 'high' if it does only safe local SVG edits.

latestvk9736fefdm3xk8504nzny8a40n843cn7
