mermaid-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill exposes a surface for indirect prompt injection (Category 8): untrusted user input is turned into Mermaid diagram files that are then passed to a CLI tool.
  1. Ingestion points: user-provided descriptions are converted to .mmd files, as described in the workflow (SKILL.md).
  2. Boundary markers: absent; no delimiters or warnings separate the generated content from the rest of the workflow.
  3. Capability inventory: command execution of the mmdc tool (SKILL.md).
  4. Sanitization: absent; the generated Mermaid syntax is not validated before it is handed to mmdc.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill suggests installing the official @mermaid-js/mermaid-cli package. This is the industry-standard tool for the task.
- [COMMAND_EXECUTION] (SAFE): The execution of the mmdc command is limited to its intended purpose of diagram generation.
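The two gaps the analysis names (no validation of the generated .mmd and direct invocation of mmdc) are straightforward to close in the step that sits between the model output and the CLI. The following is an added example, written for this page and not taken from the skill or from @mermaid-js/mermaid-cli: it validates the generated diagram text against an assumed allowlist of diagram types, rejects two Mermaid constructs as a matter of assumed policy (`%%{init: ...}%%` directives, which change renderer configuration from inside the diagram, and `click` lines, which attach links or callbacks to nodes), and then builds the mmdc argument vector as a list so that file paths never pass through a shell. The size cap, the allowlist and the sample diagrams are constructed for the example; the `-i`/`-o` options are mmdc's own.

```python
"""Hardened .mmd -> mmdc step (added example; not the skill's code)."""
import re
import shutil
import subprocess
import tempfile
from pathlib import Path

# Diagram headers this wrapper is willing to render (assumed allowlist).
ALLOWED_DIAGRAMS = (
    "flowchart", "graph", "sequenceDiagram", "classDiagram",
    "stateDiagram", "stateDiagram-v2", "erDiagram", "gantt", "pie",
)

# Constructs rejected before the file reaches mmdc (assumed policy):
#  - %%{init: ...}%% directives alter renderer configuration from the diagram;
#  - "click <node> ..." lines attach hrefs or callbacks to diagram nodes.
DIRECTIVE_RE = re.compile(r"%%\{.*?\}%%", re.DOTALL)
CLICK_RE = re.compile(r"^\s*click\s+\S+", re.MULTILINE)

MAX_BYTES = 64 * 1024  # assumed size cap for model-generated diagrams


def validate_mermaid(text: str) -> list[str]:
    """Return the reasons a generated diagram is rejected; empty list means accepted."""
    problems: list[str] = []
    if len(text.encode("utf-8")) > MAX_BYTES:
        problems.append("diagram exceeds size limit")
    if DIRECTIVE_RE.search(text):
        problems.append("init directive (%%{...}%%) not allowed")
    if CLICK_RE.search(text):
        problems.append("click interaction not allowed")
    # Skip blank lines and %% comments, then check the diagram header token.
    body = [ln.strip() for ln in text.splitlines()
            if ln.strip() and not ln.strip().startswith("%%")]
    if not body:
        problems.append("empty diagram")
    else:
        first = body[0].split()[0]
        if first not in ALLOWED_DIAGRAMS:
            problems.append(f"unsupported diagram type: {first}")
    return problems


def mmdc_argv(mmd_path, out_path, mmdc: str = "mmdc") -> list[str]:
    """Build the mmdc command as an argv list, so no shell ever parses the paths."""
    if Path(out_path).suffix not in (".svg", ".png", ".pdf"):
        raise ValueError("output must be .svg, .png or .pdf")
    return [mmdc, "-i", str(mmd_path), "-o", str(out_path)]


def render(text: str, out_path: Path) -> Path:
    """Validate, write to a private temp file, and run mmdc without a shell."""
    problems = validate_mermaid(text)
    if problems:
        raise ValueError("; ".join(problems))
    if shutil.which("mmdc") is None:
        raise RuntimeError("mmdc not installed (npm install -g @mermaid-js/mermaid-cli)")
    with tempfile.TemporaryDirectory() as tmp:
        mmd = Path(tmp) / "diagram.mmd"
        mmd.write_text(text, encoding="utf-8")
        subprocess.run(mmdc_argv(mmd, out_path), check=True, timeout=60,
                       stdin=subprocess.DEVNULL)
    return out_path


# Constructed sample inputs: one benign diagram, one carrying both rejected constructs.
GOOD_DIAGRAM = (
    "flowchart TD\n"
    "    A[User description] --> B[Validate .mmd]\n"
    "    B --> C[Render with mmdc]\n"
)
BAD_DIAGRAM = (
    "%%{init: {'securityLevel': 'loose'}}%%\n"
    "flowchart LR\n"
    "    A --> B\n"
    "    click A href \"https://example.invalid\"\n"
)

if __name__ == "__main__":
    print("good:", validate_mermaid(GOOD_DIAGRAM))
    print("bad: ", validate_mermaid(BAD_DIAGRAM))
    print("argv:", mmdc_argv("/tmp/diagram.mmd", "/tmp/diagram.svg"))
```

The allowlist is deliberately short; extend it only with diagram types the skill actually needs. Rejecting rather than stripping the offending lines keeps the model's output auditable: a rejected diagram is logged and regenerated instead of silently altered.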
Audit Metadata