obsidian-plugin-dev
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No evidence of prompt injection attempts, safety filter bypasses, or instructions to ignore previous rules were detected. The content is purely instructional for plugin development.
- [DATA_EXFILTRATION]: No hardcoded credentials, sensitive file access outside the application context, or suspicious network operations to non-whitelisted domains were found. The code snippets use standard Obsidian API calls for vault operations.
- [EXTERNAL_DOWNLOADS]: The skill references standard, well-known development tools and libraries (esbuild, obsidian, typescript) which are appropriate for the stated purpose of plugin development.
- [COMMAND_EXECUTION]: While the guide mentions build commands (npm run dev/build), these are standard development workflows and do not involve arbitrary or malicious command injection.
- [OBFUSCATION]: No obfuscated code, Base64 strings, zero-width characters, or hidden payloads were identified.
- [INDIRECT_PROMPT_INJECTION]: The skill serves as a template for generating code. While code generation tasks inherently carry a surface for indirect prompt injection if the agent processes untrusted user input, this specific skill provides static, safe boilerplate templates.
- Ingestion points: User-provided plugin names or logic descriptions in
SKILL.mdtemplate sections. - Boundary markers: Not explicitly defined in templates.
- Capability inventory: File reading/writing within Obsidian vault via
this.app.vault. - Sanitization: Standard template-based approach; the agent should ensure user input does not inject malicious logic into the final plugin code.
Audit Metadata