Diagram Workflow Method

Security checks across malware telemetry and agentic risk

Overview

This is a diagramming guidance skill that appears limited to helping generate SVG or Mermaid diagrams, with no executable code, credentials, persistence, or data-access behavior.

Safe to install if you want broad help turning systems, workflows, or data structures into diagrams. Be aware it may trigger on general words like draw or architecture, so invoke a different skill explicitly when you do not want diagram-focused output.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The trigger list includes very broad English terms like 'draw', 'diagram', 'flowchart', and 'architecture', which can cause accidental invocation in unrelated contexts. Over-broad activation expands the skill's execution surface and can override more appropriate skills or workflows, increasing the chance of unintended behavior and prompt-routing abuse.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal