processon-mindmap-generator

Warn

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The instructions in SKILL.md mandate that the AI agent execute a Python-based shell command (python3 -c "...") to check for updates on every invocation. It also instructs the agent to run npx skills add to update the skill code from GitHub.
  • [REMOTE_CODE_EXECUTION]: The mandatory update check and the npx skills add installation/update commands involve downloading and executing code or data from a remote repository, which introduces a supply chain risk if the source repository were compromised.
  • [EXTERNAL_DOWNLOADS]: The skill fetches version metadata from raw.githubusercontent.com and communicates with the vendor's API at smart.processon.com during its normal operation.
  • [DATA_EXFILTRATION]: User-provided content, including text from documents, images, and long-form notes, is transmitted to the external ProcessOn API (https://smart.processon.com/v1/api/transform/md) to perform its mindmap generation function.
  • [PROMPT_INJECTION]: The skill uses rigid, authoritative instructions ("⚠️ 每次使用前必须完成") to override the agent's default behavior, forcing it to prioritize remote update checks and potentially interrupt the user's task based on external version info.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 25, 2026, 12:22 PM
Security Audit — agent-trust-hub — processon-mindmap-generator