anki
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell and PowerShell scripts (scripts/anki-connect.sh and scripts/anki-connect.ps1) to interact with the AnkiConnect HTTP API. This is a functional requirement for the skill's purpose.- [PROMPT_INJECTION]: The skill includes instructions to bypass its own interactive safety checklist when operated by an automated agent. This 'Agent Mode Exception' allows the agent to proceed without user confirmation, which is a design choice for automation but reduces manual oversight.- [PROMPT_INJECTION]: The skill exhibits surface area for indirect prompt injection by processing external file content (PDF, Excel, CSV) without explicit sanitization or boundary markers. 1. Ingestion points: Text extracted from files via the 'pdf' and 'xlsx' skills. 2. Boundary markers: Absent; extracted text is processed directly to generate flashcards. 3. Capability inventory: Execution of local scripts and local network requests. 4. Sanitization: No sanitization is performed on the input text before processing.
Audit Metadata