diagram-to-image
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill utilizes shell commands to execute the mermaid-cli and a local Python script. This is the intended behavior for image conversion activities. Evidence: Calls to
mmdcandpython3 scripts/table_to_image.py.\n- EXTERNAL_DOWNLOADS (SAFE): The skill suggests installing dependencies from trusted public registries (npm and PyPI) only when missing. Evidence:npm install -g @mermaid-js/mermaid-cliandpip install pillow.\n- PROMPT_INJECTION (SAFE): The skill is susceptible to indirect prompt injection through user-provided diagram content, but it follows best practices by using quoted heredocs to prevent shell interpretation. Evidence:cat > /tmp/diagram.mmd << 'DIAGRAM_EOF'.\n - Ingestion points: User-supplied Mermaid diagrams and Markdown tables in SKILL.md.\n
- Boundary markers: Quoted heredocs are used to isolate untrusted content.\n
- Capability inventory: File writing to temporary locations and execution of CLI tools.\n
- Sanitization: Content is processed by standard parsers rather than being evaluated as code.
Audit Metadata