obsidian-bases
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is purely instructional and contains no executable code or scripts. It serves as a reference for the Obsidian Bases YAML schema and its associated formula language.
- [PROMPT_INJECTION]: The skill defines how an agent should process data from notes, identifying an indirect prompt injection surface (Category 8). Ingestion points: Obsidian notes and .base files. Capability inventory: File manipulation within Obsidian. Sanitization: Documentation mentions the escapeHTML function. Boundary markers: None.
- [NO_CODE]: No external scripts, binaries, or package installations are present in the skill.
Audit Metadata