Interactive Architecture Diagram
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is a coherent remote diagram generator, but it uses an under-disclosed hard-coded backend and bundled API key and includes a shell-executing test script, so it should be reviewed before use.
Before installing, verify that you trust the backend domain and API-key handling. Avoid using confidential architecture, code, business, or knowledge-base content unless you are comfortable sending it to the provider. Do not run the E2E test script unless you have reviewed it, and clean up saved .cw files and session IDs when finished.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users may not realize which remote service they are trusting with their diagram requests and related content.
The executable client is hard-wired to a backend domain and includes additional allowed domains. This is not clearly surfaced in the user-facing metadata and creates provenance ambiguity for the service that receives requests.
const baseUrl = "https://pptx.chenxitech.site"; ... const allowlist = ["api.contextweave.site", "contextweave.site", "pptx.chenxitech.site", "bpjwmsdb.com"];
Clearly document the official backend, make the endpoint configurable, remove unexplained allowed domains, and provide a verifiable homepage/source.
Architecture descriptions, business processes, code-structure details, or other private diagram content may be sent to the backend service.
The client extracts the user request and existing CW content from local files and posts them to the remote backend. For a diagramming skill this is purpose-aligned, but the destination and data boundary are not clearly disclosed.
payload.user_request = reqText; payload.initial_cw_code = cwText; ... return this.request("/run", payload);Use only with content you are comfortable sending to the provider, and require the skill to disclose the exact remote endpoint and data handling.
Users lose clear control over which account or credential is used for the backend request.
Although a primary API-key environment variable is declared, the code silently falls back to an embedded key, so remote calls can happen under a bundled/shared credential without explicit user configuration.
const key = process.env.CONTEXTWEAVE_MCP_API_KEY; return key || "94a05d02-9ade-4d9d-9f39-88734d9e34b4";
Require an explicit user-provided API key, or prominently disclose any demo/shared key and its scope, logging, billing, and rate-limit implications.
If someone runs this test script, a crafted backend response could influence the shell command that is executed locally.
The included E2E test runs shell commands built as strings and interpolates a session_id returned by the backend. There is no evidence this test runs automatically, but it is unsafe if executed with malicious or malformed data.
const result = execSync(cmd, { encoding: "utf-8" }); ... const editCmd = `node "${editScript}" --session_id "${sessionId}" --user_request "${editRequest}"`;Do not run the test script unless you trust the backend; replace execSync string commands with spawn/execFile argument arrays and validate session IDs.
Session IDs and saved .cw files may allow later recovery or editing of diagram content.
The skill discloses that diagram state is held by the backend and that returned CW code is saved locally. This is coherent for iterative diagram editing, but it creates persistent session artifacts.
客户端本身无状态,状态由后端托管 ... 脚本会自动将后端返回的最新 `cw_code` 保存为当前执行路径下的 `<session_id>.cw` 文件
Protect session IDs, avoid sensitive content unless acceptable, and delete local .cw files when they are no longer needed.
Using the skill can create files in the workspace and contact the backend rather than only producing a textual answer.
The skill directs the agent to run local Node scripts and write files as the normal workflow. This is purpose-aligned, but it is still active tool use that users should expect.
禁止只给语义分析或方案文本而不发起脚本调用 ... 完整执行顺序:生成结构化内容 → 写文件 → 校验路径绝对性与文件存在 → 执行脚本
Confirm that you want the skill to execute scripts and write files before invoking it on sensitive projects.