extract-wisdom

Warn

Audited by Socket on May 13, 2026

2 alerts found:

Alert 1: Anomaly
Category: Security
Severity: LOW
File: SKILL.md

SUSPICIOUS: the skill’s main purpose and core capabilities are mostly aligned, but its footprint is broader than a pure summarisation tool because it mandates unsandboxed execution, processes arbitrary untrusted web content, and permits file writes plus command execution. There is no clear credential theft or malicious exfiltration, so it is not malware, but it poses a medium-to-high operational risk consistent with prompt-injection and execution-scope concerns.

Confidence: 87%, Severity: 68%

Alert 2
Category: Security
Severity: MEDIUM
File: styles/wisdom-index.html

No clear evidence of intentional malware/backdoors is present in this snippet (no exfiltration or system-level actions). However, the code has a high security risk due to direct injection of untrusted Markdown into innerHTML via marked.parse(...) without sanitization, and it injects Mermaid-rendered SVG via innerHTML. It also increases supply-chain risk by loading multiple critical libraries from a CDN at runtime without integrity pinning. This should be treated as a DOM XSS–class vulnerability if the entry data can be influenced by an attacker.

Confidence: 72%, Severity: 86%

Audit Metadata

Analyzed At: May 13, 2026, 03:40 AM
Package URL: pkg:socket/skills-sh/sammcj%2Fagentic-coding%2Fextract-wisdom%2F@ac3224e78fdf395748e038d954c567604740fea5
Security Audit — socket — extract-wisdom