mermaid-gen
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [DATA_EXFILTRATION] (LOW): The script uses
readFileSyncto read from local file paths provided as command-line arguments. While this is the primary purpose of the skill (encoding diagram files), it provides a mechanism for an agent to access sensitive files on the host system (e.g., config files, keys) and encode their contents into a public URL if the agent's input is manipulated via indirect prompt injection. - [COMMAND_EXECUTION] (SAFE): The script is intended to be run as a standalone CLI tool using the Bun runtime. It does not perform any additional shell command execution or package installation.
- [INDIRECT PROMPT INJECTION] (LOW): As a tool that processes external files and stdin, it is a target for indirect prompt injection. If the data being processed contains instructions that the agent follows, it could lead to the exposure of data through the generated Mermaid link.
Audit Metadata