anki-creator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODESAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes external text files and pasted content, which are untrusted data sources. 1. Ingestion: Reads vocabulary lists and text files from user-specified paths. 2. Boundary markers: No delimiters or instructions to ignore embedded commands are specified. 3. Capability: Tier LOW; the skill only influences the agent's internal reasoning and text formatting. 4. Sanitization: No input validation or filtering is mentioned.
- [SAFE] (SAFE): No malicious patterns, obfuscation, or hardcoded credentials were found.
- [NO_CODE] (SAFE): The skill consists entirely of markdown instructions with no accompanying scripts or external package dependencies.
Audit Metadata