Skills
skills/molechowski/claude-skills/doc-mermaid-ascii/Gen Agent Trust Hub

doc-mermaid-ascii

Warn

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/render.mjs executes the shell command npm root -g using child_process.execSync to locate the beautiful-mermaid package globally. It subsequently uses a computed path within an import() call to load the module, which constitutes dynamic loading from a computed path.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its processing of Mermaid diagram code.
  • Ingestion points: Mermaid source text is ingested via command-line arguments, input files, or standard input in scripts/render.mjs.
  • Boundary markers: No delimiters or instructions to ignore embedded commands are present in the script's processing logic.
  • Capability inventory: The script possesses capabilities for file system access (readFileSync, writeFileSync) and command execution (execSync).
  • Sanitization: There is no evidence of sanitization or validation of the input diagram syntax before it is passed to the rendering engine.
  • [DATA_EXFILTRATION]: The scripts/render.mjs script performs file read and write operations on paths provided by the user. While intended for reading diagrams and saving output, this capability could be exploited to expose sensitive files if the agent is provided with malicious paths.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 11, 2026, 11:40 AM