mermaid-expert
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses cat and ls commands to read its own reference material (SKILL.md, Steps 2 and 3). These commands are restricted to the skill's local directory and are used for information retrieval only.
- [PROMPT_INJECTION]: The skill analyzes user input to generate diagrams (SKILL.md, Step 1). This is a standard surface for indirect prompt injection (ingestion point: SKILL.md; capability inventory: cat, ls; boundary markers: absent; sanitization: absent). However, given the limited scope and lack of sensitive data access, this surface does not pose a significant risk.