anki
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill communicates with the local AnkiConnect API (defaulting to localhost:8765). Analysis of the script confirms no external data exfiltration or unauthorized network operations.
- [PROMPT_INJECTION]: The skill includes explicit safety guidelines requiring the AI to display proposed changes and obtain user confirmation before adding, updating, or deleting cards. These instructions strengthen the safety posture of the skill.
- [COMMAND_EXECUTION]: The skill utilizes a local shell script (
scripts/anki.sh) to perform operations. The script employsjqto safely handle and sanitize user-provided data when constructing JSON-RPC payloads, effectively preventing injection at the API layer. - [INDIRECT_PROMPT_INJECTION]: Evaluation of ingestion surface. Ingestion points:
scripts/anki.sh(find, due, info). Boundary markers: Absent. Capability inventory:scripts/anki.sh(add, update, delete). Sanitization: Present (viajqescaping). The risk is minimal as the primary data source is the user's local database.
Audit Metadata