Skills
skills/cnife/skills/obsidian-diary/Gen Agent Trust Hub

obsidian-diary

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script scripts/obsidian-helper.py using the uv run command to interact with the file system, calculate paths, and manage Obsidian vault content.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from the user's Obsidian vault.
  • Ingestion points: The script scripts/obsidian-helper.py reads the content of existing markdown files from the user's Obsidian vaults in the read, recent, and context actions.
  • Boundary markers: Content read from files is delimited in the output by markers such as --- RECENT --- and --- TODAY ---, but there are no instructions to the agent to disregard any instructions found within those files.
  • Capability inventory: The skill has the ability to write to files (via the platform's Edit tool) and execute shell commands (via uv run).
  • Sanitization: The skill does not perform any sanitization or validation of the content read from the markdown files before providing it to the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 01:10 AM