visualize
Pass
Audited by Gen Agent Trust Hub on May 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a helper script
scripts/render-mermaid.tsthat executes the Mermaid CLI viaexecFileSync. This is a standard and safe implementation for a visualization tool, as it avoids shell injection vulnerabilities by passing arguments directly to the binary. - [EXTERNAL_DOWNLOADS]: The rendering script utilizes
npxto fetch the@mermaid-js/mermaid-clipackage from the official npm registry at runtime. This allows the skill to render diagrams to high-resolution PNG files using the well-known Mermaid rendering engine. - [PROMPT_INJECTION]: The skill processes external data (conversation history, files) to create visualizations, which presents an indirect prompt injection surface.
- Ingestion points: Content is identified from arguments, conversation context, or file paths (SKILL.md).
- Boundary markers: No specific delimiters or "ignore instructions" warnings are defined for the input content.
- Capability inventory: The skill can execute subprocesses via
execFileSyncand perform file system reads and writes (scripts/render-mermaid.ts). - Sanitization: There is no explicit sanitization or validation of the ingested content before it is used for visualization.
Audit Metadata