obsidian-github-issue-fetcher

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from GitHub issues to create markdown files in the user's vault.
      • Ingestion points: GitHub issue list data (titles and bodies) fetched via the gh CLI in the sync.sh script.
      • Boundary markers: The script inserts a <!-- gh-sync-end --> HTML comment in each generated file to separate synchronized content from user-added notes.
      • Capability inventory: The script performs file system writes to the specified vault directory and executes standard utilities like gh, jq, sed, and tr.
      • Sanitization: Double quotes in metadata such as titles and milestone names are backslash-escaped in the YAML frontmatter. Filenames are restricted to lowercase alphanumeric characters and dashes via the kebab_title function.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 5, 2026, 12:56 PM