moai-library-mermaid
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Command Execution] (LOW): The skill requests
Bash(npx:*)andBash(mmdc:*)permissions in itsallowed-toolsconfiguration. This is used to run the Mermaid CLI and Playwright-based rendering tools. While these are appropriate for the skill's stated purpose, thenpx:*wildcard allows for the execution of any arbitrary Node.js package. - [External Downloads] (LOW): To function as described, the skill downloads and executes packages from the NPM registry at runtime using
npx. This creates a dependency on external infrastructure (NPM) and the integrity of the downloaded packages. - [Indirect Prompt Injection] (LOW): The skill's primary function is to process and render Mermaid diagram syntax, which may include untrusted input from users or external files.
- Ingestion points: Mermaid diagram definitions passed to the rendering tools (e.g., via
mmdc). - Boundary markers: Absent; the skill processes raw syntax strings without explicit sanitization or delimiters described in the provided files.
- Capability inventory: Includes
Bashcommand execution and network access (via Playwright/npx) to render diagrams. - Sanitization: Not explicitly implemented in the skill; relies on the default security levels of the Mermaid rendering engine.
Audit Metadata