Skills
skills/sumik5/sumik-claude-plugin/creating-flashcards/Gen Agent Trust Hub

creating-flashcards

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: Executes the pandoc CLI tool to convert EPUB documents into Markdown format for processing.
  • [COMMAND_EXECUTION]: Utilizes the pdf-to-markdown utility from the authoring-skills package to handle PDF file conversions.
  • [EXTERNAL_DOWNLOADS]: References the official AnkiWeb addon registry (code 124672614) and its corresponding GitHub repository (github.com/ankimcp/anki-mcp-server-addon) for the required Anki MCP Server installation.
  • [DATA_EXFILTRATION]: Communicates with local services via loopback addresses, specifically the Anki MCP Server (127.0.0.1:3141), AnkiConnect (127.0.0.1:8765), and LM Studio (127.0.0.1:1234). These communications are restricted to the local environment and do not involve external data transmission.
  • [PROMPT_INJECTION]: Processes untrusted user-provided content (EPUB/PDF files). Although this creates a surface for indirect prompt injection, the risk is mitigated by a mandatory 'Sample confirmation' step where the user must verify the extracted question-answer pairs before any cards are created.
  • [REMOTE_CODE_EXECUTION]: Dynamically generates Python snippets for the agent to execute. These scripts are used for content cleaning (via regex) and interfacing with the local AnkiConnect API, which is standard behavior for automation skills and remains within the local context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 11:13 PM