obsidian-upgrade
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill processes user-controlled documentation (e.g.,
docs/AGENTS.md), which is an indirect prompt injection surface. Ingestion points:docs/AGENTS.mdand other markdown files in thedocs/directory. Boundary markers: Absent; the agent reads the files directly for comparison. Capability inventory: The skill usesTaskobjects to perform file reads and directory listings. Sanitization: None; however, the output is a plan presented to the user for approval, mitigating the risk of autonomous malicious action. - Dependency Analysis (SAFE): The skill relies on a local sibling skill (
skills/obsidian-plan-wiki/) for its canonical specification. No external or untrusted packages are downloaded. - Network Security (SAFE): No network operations, API calls, or data exfiltration patterns were found.
- Privilege Management (SAFE): The skill operates within the standard file access scope required for its stated purpose without attempting privilege escalation.
Audit Metadata