processon-mindmap-generator
Warn
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The instructions in
SKILL.mdmandate that the AI agent execute a Python-based shell command (python3 -c "...") to check for updates on every invocation. It also instructs the agent to runnpx skills addto update the skill code from GitHub. - [REMOTE_CODE_EXECUTION]: The mandatory update check and the
npx skills addinstallation/update commands involve downloading and executing code or data from a remote repository, which introduces a supply chain risk if the source repository were compromised. - [EXTERNAL_DOWNLOADS]: The skill fetches version metadata from
raw.githubusercontent.comand communicates with the vendor's API atsmart.processon.comduring its normal operation. - [DATA_EXFILTRATION]: User-provided content, including text from documents, images, and long-form notes, is transmitted to the external ProcessOn API (
https://smart.processon.com/v1/api/transform/md) to perform its mindmap generation function. - [PROMPT_INJECTION]: The skill uses rigid, authoritative instructions ("⚠️ 每次使用前必须完成") to override the agent's default behavior, forcing it to prioritize remote update checks and potentially interrupt the user's task based on external version info.
Audit Metadata