mermaid-creator
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
@mermaid-js/mermaid-clipackage via npm. This is a well-known, legitimate utility from the Mermaid project and is used for its intended purpose of converting diagrams to SVG format. - [COMMAND_EXECUTION]: The documentation includes shell commands for using the
mmdccommand-line interface to perform diagram conversions and batch processing. These commands are standard for the tool and necessary for the skill's primary function. - [PROMPT_INJECTION]: The skill's instructions were analyzed for attempts to override agent behavior or bypass safety filters; no malicious instruction patterns were found.
- [DATA_EXFILTRATION]: No sensitive file paths, hardcoded credentials, or unauthorized network operations were detected. The skill does not perform any data transmission to untrusted external domains.
Audit Metadata