generating-mermaid-diagrams
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The scripts/query-org-metadata.py utility executes the Salesforce CLI (sf) to retrieve object counts and metadata for grounding diagrams. The script uses safe argument passing (list-based) to prevent shell injection.
- [COMMAND_EXECUTION]: The scripts/mermaid_preview.py script executes a background process of itself to serve as a local HTTP server for diagram previews. This is a standard management pattern for local development tools.
- [EXTERNAL_DOWNLOADS]: The Mermaid preview server template references the Mermaid.js library from cdn.jsdelivr.net. This is a well-known public CDN used to load the rendering engine required for browser-based diagram visualization.
Audit Metadata