obsidian-vault-management
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection surface.
  - Ingestion points: The scripts `find-orphan-notes.py` and `tag-overview.py` read the content of all markdown files within the target Obsidian vault to extract links and tags.
  - Boundary markers: Absent. The scripts do not use specific delimiters or warnings to prevent the agent from being influenced by instructions embedded within the notes.
  - Capability inventory: The skill has the capability to write new markdown files via `create-daily-note.py`.
  - Sanitization: `tag-overview.py` correctly uses `yaml.safe_load()` when parsing frontmatter, which prevents unsafe deserialization attacks.
- COMMAND_EXECUTION (SAFE): File system operations. The Python scripts perform standard file read/write operations and directory creation within the path specified by the user's environment. These operations are consistent with the skill's purpose.
- EXTERNAL_DOWNLOADS (SAFE): No remote code downloads or unauthorized external network requests were detected in the skill's scripts.
Audit Metadata