mindmap
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted user input (meeting notes, descriptions) to generate HTML mindmaps that are automatically opened in the browser, creating a potential XSS surface.
  - Ingestion points: User input collection described in the Workflow section of SKILL.md.
  - Boundary markers: Absent; the instructions do not use delimiters or warnings to isolate user-provided content from the mindmap generation logic.
  - Capability inventory: The `mcp__mindmap__convert_markdown_to_mindmap` tool in SKILL.md performs file writes to the project root and triggers the system's default browser.
  - Sanitization: Absent; the skill instructions do not require the agent to sanitize or escape HTML/script tags within the user content before processing.
Audit Metadata