goodnight
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill is installed from an unverified remote GitHub repository. Evidence: README instructs installation from github.com/iilegendarypokemonii/goodnight-claude.git.
- [COMMAND_EXECUTION]: The skill executes shell commands to gather context and manage notes. Evidence: Runs git log and local node scripts daily-note.js and sessions-today.js. Evidence: Optionally uses the obsidian CLI to append content to files.
- [DATA_EXFILTRATION]: The skill reads sensitive local data sources which could contain private information. Evidence: Accesses Claude Code session logs in ~/.claude/projects/, containing historical user-assistant interactions. Evidence: Reads Obsidian vault configuration and markdown note content from the filesystem.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from the data it aggregates. Ingestion points: Reads content from Obsidian notes, session logs (~/.claude/projects/*.jsonl), and Git log output. Boundary markers: Absent; the SKILL.md instructions do not use delimiters or directives to ignore embedded instructions. Capability inventory: The skill can execute shell commands and write to local files. Sanitization: Absent; content from logs and notes is passed directly to the model for summarization.
Audit Metadata