Trust Assessment
diagrams-generator received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Subagent Prompt Injection via Unsanitized User Input.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Subagent Prompt Injection via Unsanitized User Input The skill constructs a prompt for the 'diagrams-architect' subagent using string interpolation of variables such as `${diagramType}`, `${scope}`, and `${loadedContext}`. If these variables are derived directly or indirectly from untrusted user input without proper sanitization or validation, a malicious user could inject instructions into the subagent's prompt. This could lead to the subagent performing unintended actions, generating malicious content, or potentially exfiltrating data if the subagent has access to sensitive tools. Implement robust input validation and sanitization for all variables (`diagramType`, `scope`, `loadedContext`) that are incorporated into the subagent's prompt. Consider using structured inputs or dedicated parameters for the subagent instead of raw string interpolation where possible. Ensure that the subagent itself has appropriate safeguards and least-privilege access to tools. | LLM | SKILL.md:76 |
Scan History
Embed Code
[](https://skillshield.io/report/7b43a32fef7cfb2c)
Powered by SkillShield