mermaid
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted user-provided code and text to generate diagrams, which is an ingestion surface for indirect prompt injection. 1. Ingestion points: User requests and analyzed code in SKILL.md. 2. Boundary markers: Absent; there are no instructions to the agent to disregard instructions within the analyzed code. 3. Capability inventory: Execution of the mmdc CLI tool via Bash. 4. Sanitization: The skill recommends a kebab-case naming convention for files, which helps prevent shell injection, but it lacks sanitization for the Mermaid code content itself.
- Command Execution (SAFE): The skill utilizes the mmdc tool via Bash. The provided instructions for filename generation and tool usage are consistent with the intended purpose and do not suggest malicious intent.
Audit Metadata