obsidian-daily
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
obsidian-cliutility for note management tasks and standard system commands such asdateandprintffor date manipulation and text formatting. These commands are necessary for the skill's primary functionality. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by reading and searching existing note files via
obsidian-cli printandobsidian-cli search-content. Malicious instructions stored in notes could be ingested into the agent context. - Ingestion points: Data is ingested from local files in
SKILL.mdusing theprintandsearch-contentcommands. - Boundary markers: No boundary markers or 'ignore' instructions are specified for note content.
- Capability inventory: The skill allows modifying local files and changing tool configurations via the CLI.
- Sanitization: No sanitization or content validation is performed on data retrieved from note files.
Audit Metadata