obsidian-migration-deep-dive
Warn
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION)
Full Analysis
- [COMMAND_EXECUTION]: In `SKILL.md`, under the Apple Notes Migration section (Step 6), the provided shell script contains a command injection vulnerability. The script iterates over files and interpolates the shell variable `$f` directly into a `node -e` command string: `require('fs').readFileSync('$f','utf-8')`. Because the shell expands `$f` before Node.js ever parses the string, each filename becomes part of the JavaScript source. If a filename in the user's source directory contains a single quote (or a backslash, which also changes how the literal is parsed), it closes the JavaScript string literal and the remainder of the name is parsed and executed as JavaScript when the Node.js process is invoked, with the privileges of the user running the script. The safe pattern is to keep the JavaScript fixed and hand the path to it as an argument (read through `process.argv`) or an environment variable, never by splicing it into the code.
- [DYNAMIC_CONTEXT_INJECTION]: The skill uses dynamic context injection (`!command`) in the `SKILL.md` header to execute `node --version` and `ls *.enex *.json *.zip`. These specific commands only probe the environment and list candidate input files, but they execute automatically in the shell, in whatever working directory the agent loads the skill from, as soon as the skill is loaded.
Audit Metadata