mermaid (skills/iofficeai/aionui/mermaid)

Verdict: Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [Unverifiable Dependencies & Remote Code Execution] (MEDIUM): If the beautiful-mermaid package is not already installed, scripts/render.ts runs npm install for it at runtime. The install is not version-pinned, so the code that ends up executing is whatever the registry serves at that moment rather than a version reviewed together with the skill.
  • [Indirect Prompt Injection] (LOW): The skill processes untrusted Mermaid code from files or standard input.
    1. Ingestion points: readFileSync and readStdin in scripts/render.ts.
    2. Boundary markers: none present around the untrusted content.
    3. Capability inventory: file reading, file writing, and command execution via execSync.
    4. Sanitization: no validation or sanitization is performed on the user-provided Mermaid code.
  • [Dynamic Execution] (MEDIUM): After the install step the script loads beautiful-mermaid with a dynamic import(), so code fetched at runtime runs inside the same process. Together with the unpinned install above this is a runtime code-loading risk.
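The two MEDIUM findings above (an unpinned npm install at runtime, then a dynamic import() of whatever that install produced) share one remedy: resolve the dependency from a committed lockfile, verify it, and refuse to load anything else. The TypeScript below is an added example written for this page; it is not code from scripts/render.ts or from the beautiful-mermaid project. The lockfile contents, the version 1.2.3 and the tarball bytes are constructed for the example; the `node_modules/<name>` key layout and the `sha512-` integrity field follow npm's published lockfile v2/v3 format.

```typescript
// Added example (not the audited skill's code): instead of running an unpinned
// `npm install <pkg>` at runtime and then dynamically import()ing the result,
// refuse to load anything that is not pinned in package-lock.json with an
// integrity hash, and verify that hash against the bytes that were fetched.
import { createHash, timingSafeEqual } from "node:crypto";

// Subset of the lockfile v2/v3 "packages" map; keys look like
// "node_modules/<name>". Field names follow npm's lockfile format.
interface LockPackage { version?: string; resolved?: string; integrity?: string }
interface Lockfile { lockfileVersion?: number; packages?: Record<string, LockPackage> }

export class DependencyPolicyError extends Error {}

// npm writes SRI hashes as "sha512-<base64 of 64 bytes>": 86 chars plus "==".
const SHA512_SRI = /^sha512-[A-Za-z0-9+/]{86}==$/;
const EXACT_SEMVER = /^\d+\.\d+\.\d+$/;

// Looks `name` up in the lockfile and returns its exact pinned spec plus the
// integrity hash. Throws instead of falling back to `npm install <name>`.
export function resolvePinnedDependency(lockJson: string, name: string): { spec: string; integrity: string } {
  let lock: Lockfile;
  try {
    lock = JSON.parse(lockJson) as Lockfile;
  } catch {
    throw new DependencyPolicyError("package-lock.json is missing or not valid JSON");
  }
  const entry = lock.packages?.[`node_modules/${name}`];
  if (!entry?.version) {
    throw new DependencyPolicyError(
      `${name} is not pinned in package-lock.json; run \`npm install --save-exact ${name}@<version>\` and commit the lockfile`,
    );
  }
  if (!EXACT_SEMVER.test(entry.version)) {
    throw new DependencyPolicyError(`${name} version "${entry.version}" is not an exact version`);
  }
  if (!entry.integrity || !SHA512_SRI.test(entry.integrity)) {
    throw new DependencyPolicyError(`${name}@${entry.version} has no sha512 integrity hash in the lockfile`);
  }
  return { spec: `${name}@${entry.version}`, integrity: entry.integrity };
}

// Checks fetched package bytes against the lockfile's SRI hash before they are
// unpacked or imported. Constant-time comparison so a mismatch leaks nothing.
export function verifyIntegrity(tarball: Uint8Array, integrity: string): boolean {
  const want = Buffer.from(integrity.slice("sha512-".length), "base64");
  const got = createHash("sha512").update(tarball).digest();
  return want.length === got.length && timingSafeEqual(want, got);
}

// Gate in front of the dynamic import: the caller reads the version from
// node_modules/<name>/package.json and only calls `await import(name)` if this
// returns. Anything not matching the lockfile is refused rather than installed.
export function importSpecifierFor(lockJson: string, name: string, installedVersion: string): string {
  const pinned = resolvePinnedDependency(lockJson, name);
  if (`${name}@${installedVersion}` !== pinned.spec) {
    throw new DependencyPolicyError(`installed ${name}@${installedVersion} does not match lockfile ${pinned.spec}`);
  }
  return name;
}

// --- Constructed sample data: not a real lockfile, version or package tarball ---
export const SAMPLE_TARBALL = new TextEncoder().encode("constructed tarball bytes for the example");
export const SAMPLE_INTEGRITY = "sha512-" + createHash("sha512").update(SAMPLE_TARBALL).digest("base64");

// The hardened state: beautiful-mermaid pinned to an exact (assumed) version with a hash.
export const PINNED_LOCK = JSON.stringify({
  lockfileVersion: 3,
  packages: {
    "node_modules/beautiful-mermaid": { version: "1.2.3", integrity: SAMPLE_INTEGRITY },
  },
});

// The state the audit describes: no entry at all, so the only way forward would be
// an unpinned `npm install beautiful-mermaid`. The hardened path throws instead.
export const UNPINNED_LOCK = JSON.stringify({ lockfileVersion: 3, packages: {} });
```

Usage: call `resolvePinnedDependency(lockJson, "beautiful-mermaid")` at startup; if it throws, exit with the message rather than shelling out to npm. If the skill must download at runtime, fetch exactly `spec`, pass the bytes through `verifyIntegrity` before unpacking, and only then `import()` the package via `importSpecifierFor`.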
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:32 PM