aa-book
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, NO_CODE, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Orchestrates the execution of external command-line tools aa-book and pdf-brain to automate book discovery and management.
- [EXTERNAL_DOWNLOADS]: Facilitates the retrieval of files from Anna's Archive, which is an external source outside of the trusted domain whitelist.
- [NO_CODE]: The skill contains markdown documentation and command instructions but does not provide any script files or executable code within the package.
- [PROMPT_INJECTION]: Presents a risk of indirect prompt injection through the ingestion of unvetted book content into a knowledge base.
  1. Ingestion points: Data enters via the aa-book add command from Anna's Archive.
  2. Boundary markers: Absent; no delimiters are used to separate untrusted content.
  3. Capability inventory: Subprocess execution of local binaries for download, conversion, and ingestion.
  4. Sanitization: Absent; no filtering or validation of book content is performed before ingestion.
Audit Metadata