anki
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill interacts with Anki via a local shell script (anki.sh). It safely handles user-provided data by using jq to serialize inputs into JSON, which prevents command injection and ensures structural integrity of the API requests.
- [PROMPT_INJECTION]: Instructions include mandatory human-in-the-loop checkpoints, specifically requiring explicit user confirmation before any cards are created, updated, or deleted. No adversarial or bypass patterns were found in the prompt logic.
- [DATA_EXFILTRATION]: Network operations are confined to the local machine's loopback interface (localhost:8765) to communicate with AnkiConnect. No patterns for unauthorized remote data transmission or sensitive file access were identified.