Skills
skills/zc277584121/marketing-skills/mermaid-to-gif/Gen Agent Trust Hub

mermaid-to-gif

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/mermaid_to_gif.py executes the ffmpeg binary to process images and generate GIFs.
  • Evidence: subprocess.run() is used in assemble_gif with arguments passed as a list, which is a safe practice to prevent shell injection.
  • [EXTERNAL_DOWNLOADS]: The skill fetches the Mermaid.js library from a public CDN at runtime.
  • Evidence: MERMAID_CDN points to cdn.jsdelivr.net, which is a well-known and commonly used service for hosting web libraries.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to how it handles external data.
  • Ingestion points: Content is read from user-supplied .md and .mmd files in scripts/mermaid_to_gif.py.
  • Boundary markers: No specific delimiters or instructions are used to separate untrusted content from agent instructions.
  • Capability inventory: The skill can execute shell commands (FFmpeg) and perform automated browser actions (Playwright).
  • Sanitization: While HTML escaping is used, the Mermaid configuration uses securityLevel: 'loose', which permits the execution of scripts embedded within the diagram code in the context of the rendering browser.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 07:01 AM