Back to skill

Security audit

Anki Batch Cards

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it reads a user-provided vocabulary file and adds cards to the user's local Anki collection through AnkiConnect.

Before installing, understand that non-test runs will add cards to your Anki deck. Use --test first, confirm the target deck/model fields, and only provide input files whose contents you are comfortable adding to Anki.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill instructs use of local file input and HTTP requests to AnkiConnect, but the skill metadata does not declare those capabilities or warn users about them. Hidden or undeclared file/network behavior reduces transparency and can lead users or policy systems to approve a skill without understanding that it reads local data and sends requests to a local service.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill describes a workflow that writes notes into Anki but does not clearly warn that executing it will modify the user's collection unless dry-run mode is used. Lack of an explicit mutation warning can cause unintended data changes, especially in automation contexts where the agent may act without a strong confirmation checkpoint.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.