Is Mermaid MCP server safe?
mcp-mermaid is an AI npm package analyzed by SkillTotal's deterministic static scanner. The scan found no malicious indicators, though 3 risky constructs are reported for review. Its detected capabilities are filesystem write and install-time execution; capabilities are what the code can do, not a verdict on intent. Risk score 0/100 (low).
mcp-mermaid 0.4.1
- npm install-time lifecycle hook
- Node.js filesystem write/delete
- npm prepare hook
No malicious indicators found by static analysis.
Findings (3)
package.json runs scripts automatically when the package is installed.
"postinstall": "playwright install --with-deps chromium"
Why it matters: Install scripts are a favorite supply-chain foothold — they execute on every machine that installs the package.
Fix: Inspect the hook command. Install-time scripts are a common supply chain execution vector; ensure they do nothing beyond a documented build step.
The component writes or deletes files on disk.
fs.writeFileSync(filePath, screenshot);
fs.writeFileSync(cssTmpPath, cssContent);
Why it matters: Usually legitimate, but worth confirming the paths can't be controlled by untrusted input.
Fix: Confirm which files are written/deleted and that paths cannot be influenced by untrusted input.
package.json has a 'prepare' script (runs on git/local installs and before publishing).
"prepare": "husky && npm run build",
Why it matters: Usually a build step, but confirm it doesn't fetch or run remote code.
Fix: Usually a legitimate build step; confirm it only builds and does not fetch or execute remote code.
How we determine this: deterministic static analysis (regex + AST), evidence-anchored, no code execution.