Skills
skills/ssshooter/mind-elixir-core/Export Mind Map as Image/Gen Agent Trust Hub

Export Mind Map as Image

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires the installation of the @zumer/snapdom package via npm. This package is not from a trusted GitHub organization or repository listed in the security policy.
  • [PROMPT_INJECTION] (LOW): The skill processes mind map nodes and provides a file download capability, creating an indirect prompt injection surface. Ingestion points: mind.nodes in SKILL.md; Boundary markers: Absent; Capability inventory: result.download (file-write) in SKILL.md; Sanitization: Absent.
  • [COMMAND_EXECUTION] (SAFE): The skill uses standard npm installation and JavaScript API calls without suspicious arguments or privilege escalation.
  • [DATA_EXFILTRATION] (SAFE): No evidence was found of unauthorized network requests to external domains or access to sensitive local system files.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:36 PM