Security audit

Mermaid 转飞书图片 Canvas 渲染版

Security checks across malware telemetry and agentic risk

Overview

The skill does what it says, but it can automatically send diagram images to Feishu without a clear per-send confirmation step.

Install only if you want an agent to render Mermaid diagrams and send them to a configured Feishu conversation. Use a least-privilege Feishu app, verify the recipient ID, avoid sensitive diagrams, and instruct the agent to ask before every upload or send.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The skill defines broad natural-language auto-trigger conditions such as requests to "draw a diagram" or explanations of complex processes, which can cause the agent to invoke rendering and outbound messaging unexpectedly. In this skill, unexpected triggering is more dangerous because the action chain includes screenshot generation and Feishu upload, creating a data-exfiltration and consent risk.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill is explicitly designed to convert content into an image and send it to Feishu, but it does not require a clear warning, consent, or data-classification check before external transmission. Because the content may include user-provided Mermaid diagrams that reflect internal architecture, processes, or sensitive data, silent upload to a third-party service can leak confidential information.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.