Skills
skills/automateyournetwork/netclaw/markmap-viz/Gen Agent Trust Hub

markmap-viz

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted markdown data (e.g., network logs, audit results) to generate visualizations, creating an indirect prompt injection surface.
  • Ingestion points: The markdown_content and outline_items parameters across multiple tools in SKILL.md accept external data.
  • Boundary markers: The documentation does not specify delimiters or instructions for the agent to ignore instructions embedded within the markdown content.
  • Capability inventory: The skill can read local files (markmap_render_file) and execute a Node.js script through the MCP interface.
  • Sanitization: No input validation or sanitization of the markdown content is indicated before it is passed to the rendering engine.
  • [COMMAND_EXECUTION]: The skill documentation describes executing a Node.js script via an environment variable (MARKMAP_MCP_SCRIPT) using the $MCP_CALL utility. This facilitates the execution of local code to perform visualization tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 12:31 AM