tag-taxonomy
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate local file operations including scanning directories and updating markdown frontmatter. Access to the .env file is used for configuration purposes to determine the vault path. No data exfiltration or unauthorized command execution was identified.
- [PROMPT_INJECTION]: The skill processes untrusted data by ingesting content and metadata from all markdown files in the vault, which constitutes an indirect prompt injection surface. Ingestion points: Reads all files matching $VAULT_PATH/**/*.md and the _meta/taxonomy.md file. Boundary markers: Absent. Capability inventory: Recursive file-read and file-write access within the specified Obsidian vault. Sanitization: No explicit sanitization of tag values or note content is performed before the agent processes them.
Audit Metadata