ExtractWisdom

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The workflow defined in Workflows/Extract.md specifies the use of the fabric command-line tool to retrieve transcripts from user-provided YouTube URLs.
  • [EXTERNAL_DOWNLOADS]: The skill is designed to retrieve and process content from remote sources, including YouTube transcripts and general web article content.
  • [DATA_EXPOSURE]: The skill instructions in SKILL.md include logic to check for and load customization and style files from specific local directory paths such as ~/.claude/PAI/USER/SKILLCUSTOMIZATIONS/ExtractWisdom/.
  • [PROMPT_INJECTION]: The skill processes untrusted external content, which creates a surface for indirect prompt injection. Ingestion points: YouTube transcripts, Article content, and file paths. Boundary markers: No specific delimiters or instructions to ignore embedded instructions are used. Capability inventory: The skill can execute shell commands via fabric and read local files. Sanitization: No explicit sanitization of the input content is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 03:33 PM
Security Audit — agent-trust-hub — ExtractWisdom