Skills
skills/danielmiessler/personal_ai_infrastructure/ExtractWisdom/Gen Agent Trust Hub

ExtractWisdom

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the fabric CLI tool to process YouTube transcripts based on user-provided URLs. While fabric is a tool from the same author, executing CLI commands with external inputs carries inherent risk. Found in Workflows/Extract.md as fabric -y "URL".
  • [DATA_EXFILTRATION]: The skill is instructed to access and load configuration and preference files from the user's local directory to customize behavior. Found in SKILL.md referencing paths such as ~/.claude/skills/PAI/USER/SKILLCUSTOMIZATIONS/ExtractWisdom/ and skills/PAI/USER/WRITINGSTYLE.md.
  • [PROMPT_INJECTION]: The skill processes untrusted external content (YouTube transcripts and web articles), creating a surface for indirect prompt injection. 1. Ingestion points: Content obtained via fabric and WebFetch. 2. Boundary markers: Absent; there are no explicit delimiters or instructions to ignore embedded commands in the processed content. 3. Capability inventory: The agent has file-read and command-execution capabilities. 4. Sanitization: Absent; the skill does not specify any filtering or escaping of external content before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 16, 2026, 12:42 PM