Skills
skills/seckatie/kmtools/mermaid/Gen Agent Trust Hub

mermaid

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Documentation describes installing the Mermaid CLI via NPM and fetching icon packs from unpkg.com or CDNs like jsdelivr. These downloads originate from well-known technology services.
  • [COMMAND_EXECUTION]: The skill provides instructions for executing the mmdc CLI tool to generate diagram files from text definitions, which is the primary purpose of the Mermaid project.
  • [REMOTE_CODE_EXECUTION]: Contributor guidelines include an example of installing the pnpm tool using a shell script from get.pnpm.io. This is a standard installation method for a well-known development utility.
  • [SAFE]: The documentation explicitly covers security configurations, such as the securityLevel setting, to prevent script execution from user-provided diagram code and ensure safe rendering in browser environments.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 27, 2026, 04:41 AM