Skills
skills/steffen025/pai-opencode/ExtractWisdom/Gen Agent Trust Hub

ExtractWisdom

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the fabric CLI tool (fabric -y "URL") within the Workflows/Extract.md process to retrieve transcripts from YouTube URLs.\n- [EXTERNAL_DOWNLOADS]: The skill fetches external data from YouTube and general web articles using WebFetch and fabric to gather source material for analysis.\n- [PROMPT_INJECTION]: The skill processes untrusted external content, which presents a surface for indirect prompt injection.\n
  • Ingestion points: YouTube transcripts and article text are ingested into the context during Step 1 of the Workflows/Extract.md workflow.\n
  • Boundary markers: The skill does not define explicit delimiters or instructions to disregard potential commands hidden within the ingested transcripts or articles.\n
  • Capability inventory: The skill has the capability to execute the fabric command and read local files from paths like ~/.opencode/ and the skill's own directory.\n
  • Sanitization: No sanitization or filtering logic is specified for the external content before it is processed by the AI.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 07:38 AM