Skill v1.0.0

ClawScan security

Mermaid Workflow Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 2, 2026, 12:32 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's stated functionality (generate .mmd files, call mmdc, insert the rendered images into Markdown) matches its code. However, the registry metadata omits a required external dependency (mmdc), and the skill writes config files and runs shell commands, including npx/mmdc with Puppeteer's --no-sandbox flag. That is a metadata inconsistency plus some operational risk to review before installing.
Guidance
What to check before installing or using:
1) The skill needs Mermaid CLI (mmdc) plus Node/npm, and the registry metadata does not declare them. Install mmdc (or make npx available) beforehand.
2) Inspect the included scripts yourself; they are plain Python. They spawn subprocesses (mmdc or npx), modify Markdown files, and may create a Puppeteer config in your home directory.
3) Conversion runs Puppeteer with --no-sandbox to avoid sandbox errors. That flag disables Chromium's process sandbox, which is undesirable on multi-tenant hosts; avoid or constrain it on sensitive systems and render inside a container or CI runner instead.
4) Run quick_start in an isolated environment (local VM or container) the first time, and back up any Markdown files before using the insertion features.
5) If you allow autonomous agent invocation, the agent will be able to run the scripts, which execute shell commands and write files locally.
If these points are acceptable and you trust the package, the skill is otherwise coherent. For higher assurance, ask the package author to declare the required binaries in the registry metadata and to provide signed release details.
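The pre-flight checks above (dependency present, an explicit Puppeteer config you chose rather than one written silently into your home directory, subprocesses invoked without a shell, Markdown backed up before insertion) can be scripted. The following is an added example, not one of the skill's own scripts and not ClawHub code; the function names, the backup naming and the restriction to .mmd input and .png/.svg/.pdf output are this example's assumptions. It only builds and validates the command when mmdc is absent, so it runs offline.

```python
"""Pre-flight wrapper for a Mermaid CLI workflow: dependency check, explicit
Puppeteer config, argument-list subprocess call, backed-up Markdown insertion.
Added example; not the skill's scripts. Function names are hypothetical."""
import json
import os
import shutil
import stat
import subprocess
from pathlib import Path
from typing import Optional

MD_IMAGE = "![{alt}]({src})"


def find_mmdc() -> Optional[list]:
    """argv prefix for Mermaid CLI, or None. The registry metadata does not
    declare this binary, so fail here rather than deep inside the skill."""
    if shutil.which("mmdc"):
        return ["mmdc"]
    if shutil.which("npx"):
        return ["npx", "@mermaid-js/mermaid-cli"]
    return None


def puppeteer_config(no_sandbox: bool) -> dict:
    """Launch options handed to mmdc via -p. --no-sandbox turns off Chromium's
    process sandbox; set it only when an outer boundary (container, CI runner)
    isolates the renderer from the host."""
    args = []
    if no_sandbox:
        args += ["--no-sandbox", "--disable-setuid-sandbox"]
    return {"args": args}


def write_puppeteer_config(path: Path, no_sandbox: bool) -> Path:
    """Write the config where you decide, owner read/write only (0600)."""
    path.write_text(json.dumps(puppeteer_config(no_sandbox), indent=2))
    os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
    return path


def build_mmdc_command(prefix: list, src: Path, dst: Path,
                       config: Optional[Path] = None) -> list:
    """Argument list only (never shell=True): file names stay data, not shell syntax."""
    if src.suffix != ".mmd":
        raise ValueError(f"expected a .mmd file, got {src.name}")
    if dst.suffix not in (".png", ".svg", ".pdf"):
        raise ValueError(f"unsupported output type {dst.suffix}")
    cmd = [*prefix, "-i", str(src), "-o", str(dst)]
    if config is not None:
        cmd += ["-p", str(config)]
    return cmd


def render(src: Path, dst: Path, config: Optional[Path] = None) -> Path:
    """Run Mermaid CLI with a timeout; raises if the binary is missing."""
    prefix = find_mmdc()
    if prefix is None:
        raise RuntimeError("Mermaid CLI missing: install @mermaid-js/mermaid-cli "
                           "or make npx available before using the skill")
    subprocess.run(build_mmdc_command(prefix, src, dst, config),
                   check=True, timeout=120)
    return dst


def insert_image(md: Path, image: Path, alt: str) -> str:
    """Append an image reference using a path relative to the Markdown file,
    copying the original to <name>.bak first so the edit can be reverted.
    Returns the relative path written. Idempotent: an existing reference is kept."""
    rel = os.path.relpath(image, start=md.parent).replace(os.sep, "/")
    line = MD_IMAGE.format(alt=alt, src=rel)
    text = md.read_text()
    if line in text:
        return rel
    shutil.copy2(md, md.with_name(md.name + ".bak"))
    md.write_text(text.rstrip("\n") + "\n\n" + line + "\n")
    return rel
```

Use render() only after find_mmdc() succeeds in the environment you intend to render in; on a shared host pass a config produced with no_sandbox=False and let the container or CI runner provide isolation instead.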

Review Dimensions

Purpose & Capability
concern: The SKILL.md and scripts clearly require Mermaid CLI (mmdc) and Python 3.8+, and the README/quick_start instruct the user to install @mermaid-js/mermaid-cli and configure Puppeteer. However, the registry metadata lists no required binaries or environment variables. That is an inconsistency: the skill will fail or behave unexpectedly unless mmdc, node and npm are present. Requesting no credentials is appropriate for the stated purpose.
Instruction Scope
note: Runtime instructions restrict actions to local file creation, invoking mmdc (or npx @mermaid-js/mermaid-cli), and modifying Markdown files. The scripts operate on local .mmd/.png/.md files, compute relative paths, copy files, and may create a Puppeteer config in the user's home directory. There are no network endpoints or credential-exfiltration steps in the scripts. The instruction set does ask the agent to run shell/python commands (exec examples), which will execute local subprocesses; that is expected for this utility but worth auditing.
Install Mechanism
ok: No automatic install spec is provided (instruction-only plus included scripts). The skill recommends npm/npx to obtain mmdc; there are no downloads from untrusted URLs in the package. This is a lower-risk install mechanism, though it depends on the user installing a third-party npm package (mermaid-cli), which is expected for this tool.
Credentials
note: The skill requests no credentials or privileged environment variables, which is proportionate. The README mentions optional environment variables for defaults, but the scripts do not require secrets. One caveat: the script may write a Puppeteer config file to the user's home directory (~/.mermaid-puppeteer-config.json) when invoked with create_config; this is reasonable for operation, but the user should expect it.
Persistence & Privilege
ok: The skill is not marked always:true and does not claim to modify other skills or global agent settings. It can write files (templates, output .png/.mmd, the Puppeteer config) in local directories or the home directory, which is normal for a file-generation utility. Autonomous invocation is allowed by default (not flagged here); weigh that together with the local filesystem writes when deciding whether to enable the skill.