Adaptive Learning

This package contains a browser-based flashcard framework and a shell script to bundle an existing questions.json into a course — that part is coherent and appears benign. However, SKILL.md also tells the agent to fetch webpages and download PDFs and to read local folders; the shipped code does not implement scraping or PDF parsing. Before installing or running anything: - Do not grant an agent automatic filesystem or network access to run those undocumented scraping/download steps. The instructions expect capabilities (web scraping, writing to ~/COURSE_NAME/) that aren't present in the code. - If you plan to run scripts locally, inspect scripts/generate-course.sh and the generated preload-<id>.js. The script inlines your questions.json into a JS file without escaping — malformed or malicious JSON could break the generated JS or lead to unexpected behavior. Only run the script with questions.json you trust, and review the resulting preload JS before opening it in a browser. - The frontend loads KaTeX from jsDelivr; if you require offline or audited dependencies, host these libraries yourself. - If you need automatic scraping/PDF extraction, request or provide explicit scraper/parsing code (or a vetted tool) rather than relying on the SKILL.md prose. The current mismatch (instructions vs. implementation) is why this skill is flagged suspicious — it may be incomplete or expect external, unstated capabilities. Additional information that would change this assessment: any included or referenced, auditable scraper/parser tools, or clear statement that the agent will not autonomously attempt filesystem/network actions beyond bundling a provided questions.json.