Skills
skills/bastos/skills/obsidian-daily/Gen Agent Trust Hub

obsidian-daily

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION] (HIGH): Potential for indirect prompt injection. Ingestion points: Untrusted note content is retrieved via obsidian-cli print and obsidian-cli search-content. Boundary markers: Absent. Capability inventory: The skill can create and modify files (notes) using obsidian-cli. Sanitization: None.
  • [COMMAND_EXECUTION] (LOW): The skill executes shell commands for date manipulation and vault management.
  • [EXTERNAL_DOWNLOADS] (LOW): Relies on the external obsidian-cli utility which must be installed from a third-party source.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:18 AM