Back to skill

Security audit

Mermaid 转飞书图片 Canvas 渲染版

Security checks across malware telemetry and agentic risk

Overview

The skill does what it says, but it can automatically send diagram images to Feishu without a clear per-send confirmation step.

Install only if you want an agent to render Mermaid diagrams and send them to a configured Feishu conversation. Use a least-privilege Feishu app, verify the recipient ID, avoid sensitive diagrams, and instruct the agent to ask before every upload or send.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill defines broad natural-language auto-trigger conditions such as requests to "draw a diagram" or explanations of complex processes, which can cause the agent to invoke rendering and outbound messaging unexpectedly. In this skill, unexpected triggering is more dangerous because the action chain includes screenshot generation and Feishu upload, creating a data-exfiltration and consent risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill is explicitly designed to convert content into an image and send it to Feishu, but it does not require a clear warning, consent, or data-classification check before external transmission. Because the content may include user-provided Mermaid diagrams that reflect internal architecture, processes, or sensitive data, silent upload to a third-party service can leak confidential information.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.