obsidian-skills

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE

Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the obsidian CLI for vault operations (reading, creating, and searching notes) and the defuddle CLI for extracting text from external web pages.
  • [REMOTE_CODE_EXECUTION]: Includes the obsidian eval command, which enables the execution of arbitrary JavaScript code within the Obsidian application environment, intended for plugin and theme development.
  • [EXTERNAL_DOWNLOADS]: Instructions recommend installing the defuddle content extraction tool via the Node Package Manager (npm).
  • [PROMPT_INJECTION]: The ingestion of untrusted web content via defuddle creates a surface for indirect prompt injection attacks.
  • Ingestion points: defuddle parse <url> (skills/defuddle/SKILL.md).
  • Boundary markers: Absent; the instructions do not specify any delimiters or warnings to treat external content as untrusted data.
  • Capability inventory: obsidian eval (JavaScript execution), obsidian create (file system write), obsidian read (file system access), obsidian search (data retrieval).
  • Sanitization: Absent; content retrieved from external sources is processed without filtering, escaping, or validation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 01:18 PM