bdistill-knowledge-extraction

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the 'bdistill' Python package from a public registry.
  • [EXTERNAL_DOWNLOADS]: References Ollama, a well-known service for hosting local AI models, for the purpose of open-source model extraction.
  • [COMMAND_EXECUTION]: Uses shell commands to manage a local knowledge base, including list, search, and export operations.
  • [COMMAND_EXECUTION]: Configures an MCP server using the 'claude mcp' command to integrate distillation capabilities.
  • [INDIRECT_PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection as it processes and structures untrusted outputs from AI models.
      • Ingestion points: Processes responses from both in-session and local AI models (SKILL.md).
      • Boundary markers: No explicit delimiters or 'ignore' instructions are mentioned for processing ingested data.
      • Capability inventory: Includes shell command execution and the ability to write files to the local system during data export (SKILL.md).
      • Sanitization: Documentation does not specify sanitization or validation methods for the ingested model responses.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 18, 2026, 03:48 PM