Skills
skills/anassahel/obsidian/obs-morning-brief/Gen Agent Trust Hub

obs-morning-brief

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the obsidian daily command to ensure the current day's note is initialized. This is a legitimate use of the Obsidian CLI as defined in the skill's prerequisites.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing user-controlled data from Obsidian vault files.
  • Ingestion points: Reads markdown files matching the pattern Daily/YYYY-MM-DD.md (SKILL.md, Step 1 and Step 2).
  • Boundary markers: Absent. The skill extracts tasks (- [ ]) and content from the 'Bilan' section without using delimiters to distinguish data from instructions.
  • Capability inventory: File system read/write access (Read and Edit tools) and local command execution (bash tool for obsidian CLI).
  • Sanitization: Absent. The skill carries over task descriptions verbatim into the new daily note and uses them to generate the morning brief summary.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 08:07 PM