Skills
skills/jeremylongshore/claude-code-plugins-plus/obsidian-common-errors/Gen Agent Trust Hub

obsidian-common-errors

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the Bash tool for tasks such as npm run build and checking file existence with ls -la. These operations are performed within the local plugin development directory to verify build artifacts.
  • [EXTERNAL_DOWNLOADS]: The documentation suggests installing the obsidian-hot-reload package via npm. This is a standard utility in the Obsidian developer community for accelerating the development cycle.
  • [PROMPT_INJECTION]: The skill provides instructions for analyzing external plugin source code, which constitutes a surface for indirect prompt injection. Maliciously crafted comments or code in the target plugin could attempt to influence the agent's diagnostics.
  • Ingestion points: Uses Read and Grep tools to inspect local plugin files.
  • Boundary markers: The instructions do not define specific delimiters for separating the analyzed code from the agent's diagnostic prompts.
  • Capability inventory: The skill has access to the Bash tool (node-related commands), Read, and Grep capabilities.
  • Sanitization: No explicit sanitization or validation of the ingested code content is specified.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 4, 2026, 06:44 PM