mermaid-to-png
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Flags: DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- DATA_EXFILTRATION (LOW): The script transmits mermaid diagram source code to https://mermaid.ink for rendering. While this is the intended functionality, it sends local data to an external, non-whitelisted domain.
- EXTERNAL_DOWNLOADS (LOW): The script fetches rendered PNG images from the external mermaid.ink service.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection via the processing of untrusted markdown content.
  - Ingestion points: Markdown file content read via readFile in mermaid-to-png.ts.
  - Boundary markers: Uses triple-backtick mermaid markers but lacks instructions to ignore malicious embedded text.
  - Capability inventory: File read/write and network access (fetch) in mermaid-to-png.ts.
  - Sanitization: None performed on the input content before processing or external transmission.
Audit Metadata