obsidian-note-builder
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as `find` and `grep` in the 'Workflow' section of SKILL.md to analyze the local Obsidian vault's structure, naming conventions, and tag taxonomy.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8) by ingesting untrusted data like brain dumps, transcripts, and web article excerpts to perform entity extraction and note structuring.
  - Ingestion points: External content provided by the user (summaries, excerpts, transcripts) as described in the 'When to Use' and 'Workflow' sections of SKILL.md.
  - Boundary markers: None; the skill does not utilize delimiters or specific instructions to isolate untrusted content from the agent's core instructions.
  - Capability inventory: The agent has permissions to read the local filesystem via shell tools and create/write markdown files.
  - Sanitization: None; there is no mention of validating, escaping, or filtering the ingested data before it is processed by the model.