writing-to-logseq
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script scripts/write-operations.py includes a main execution block that allows performing Logseq CRUD operations directly via command-line arguments.
- [PROMPT_INJECTION]: The skill acts as a sink for user-supplied data written to an external application (Logseq). While references/safety-guidelines.md outlines methods for escaping markdown and validating properties, the primary script scripts/write-operations.py does not programmatically enforce these sanitization steps.
  - Ingestion points: create_page, create_block, update_block, append_to_page, and sync_notes methods in scripts/write-operations.py.
  - Boundary markers: None present in the code logic.
  - Capability inventory: Modification of the local Logseq graph via HTTP POST requests to the Editor API.
  - Sanitization: Documented as a best practice but absent in the provided Python implementation.
- [SAFE]: The skill retrieves configuration data and API tokens from environment variables or a local file at .claude/logseq-expert/env.json, which is a standard and acceptable practice for credential management in this context.
Audit Metadata