ClawHub

Mermaid Diagrams

v0.1.0

Create software diagrams using Mermaid syntax. Use when users need to create, visualize, or document software through diagrams including class diagrams, sequence diagrams, flowcharts, ERDs, C4 architecture diagrams, state diagrams, git graphs, and other diagram types. Triggers include requests to diagram, visualize, model, map out, or show the flow of a system.

5· 4.7k·46 current·51 all-time
by@wpank
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (create Mermaid diagrams) match the provided files and instructions: examples, syntax guides, and rendering/export notes. The skill does not ask for unrelated resources or credentials.
Instruction Scope
SKILL.md contains purely authoring guidance, examples, and notes on rendering/export. It does not instruct the agent to read local files, access environment variables, or send data to unknown endpoints. Examples reference common external resources (mermaid.live, CDN imports, Mermaid CLI) which are appropriate for rendering guidance.
Install Mechanism
No install spec or packaged code is included; this is instruction-only. README shows example commands (npx clawhub install, npx add GitHub path) but those are user-facing instructions, not an automated installer embedded in the skill. No downloaded or extracted archives are declared.
Credentials
The skill requires no environment variables, credentials, or config paths. Nothing in the skill asks for secrets or unrelated system access.
Persistence & Privilege
Skill flags are default (always: false, user-invocable: true). It does not request persistent/system-level privileges or to modify other skills' configs.
Assessment
This skill is documentation and examples for writing Mermaid diagrams and appears coherent and low-risk. Before installing or running any commands shown in README (e.g., npx clawhub..., npx add ..., or installing the mermaid CLI), verify those commands and the source you obtain them from. The examples include external resources (mermaid.live, cdn.jsdelivr) and instructions to install mermaid-cli — those are normal for rendering but will fetch third-party code. If you plan to render untrusted Mermaid input in a browser or HTML context, treat it like other user-supplied markup (sanitize or sandbox it) because embedding rendered output can introduce injection/XSS risks. Finally, note the skill's source/homepage is unspecified in the registry metadata; if you require provenance, ask the publisher for a canonical repository or homepage before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b9twpz9nqnjs8qk9pnnvtjx80wbhm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments