mermaid
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION, NO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill is distributed through an untrusted GitHub repository (natsuboy/agent-skills), which does not belong to the list of trusted organizations or specific repositories specified in the policy.
- [PROMPT_INJECTION] (LOW): The skill has an indirect prompt injection surface, as it processes untrusted user instructions into Mermaid code which is subsequently used as input for a validation script.
  - Ingestion points: User requests for diagram generation as described in the README.md.
  - Boundary markers: Absent in the provided documentation and templates.
  - Capability inventory: Local script execution (scripts/validate_mermaid.py) referenced as a core component.
  - Sanitization: No sanitization or validation logic was observed in the provided files.
- [COMMAND_EXECUTION] (LOW): The skill documentation references the execution of a Python-based validation script (scripts/validate_mermaid.py) for diagram verification.
- [NO_CODE] (SAFE): The 29 provided files consist solely of Markdown templates and documentation; no executable Python or Node.js code files were included in the analyzed set, making it low risk in terms of direct execution.
Audit Metadata