Skills
skills/ahgraber/skills/mermaid/Gen Agent Trust Hub

mermaid

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts scripts/render_mermaid.py and scripts/validate_mermaid.py invoke the mmdc (Mermaid CLI) tool using subprocess.run. The implementation uses an argument list rather than a shell string, which mitigates command injection risks.
  • [EXTERNAL_DOWNLOADS]: The skill can download the Chromium browser binary from well-known sources via the pyppeteer library's chromium_downloader when the --install-chromium flag is used.
  • [EXTERNAL_DOWNLOADS]: Declares a dependency on the pyppeteer Python package and expects the mmdc command-line utility to be available on the system PATH.
  • [PROMPT_INJECTION]: The skill processes diagram code provided via files or standard input, which constitutes an indirect prompt injection surface.
  • Ingestion points: scripts/render_mermaid.py and scripts/validate_mermaid.py read Mermaid content from files or standard input.
  • Boundary markers: Absent. The Mermaid source is passed to the tool without explicit delimiters or instructions to prevent processing of embedded commands.
  • Capability inventory: The skill can execute the mmdc subprocess and perform local file system read/write operations.
  • Sanitization: Absent. Input is processed without validation or filtering of the Mermaid syntax before being passed to the CLI tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 11, 2026, 08:49 AM