obsidian-bases
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill contains no executable code, shell scripts, or binary assets. Its primary function is to provide the AI agent with a structural reference for a specific file format (.base YAML).
- [DATA_EXFILTRATION]: While the skill describes how to access file metadata (paths, sizes, modification times) and frontmatter properties, this access is restricted to the local filesystem for the purpose of vault organization. No network operations or external data transfer mechanisms are present.
- [PROMPT_INJECTION]: There are no instructions attempting to override the agent's safety guidelines, extract system prompts, or adopt unrestricted personas.
- [EXTERNAL_DOWNLOADS]: The skill includes reference links to official Obsidian documentation (help.obsidian.md). These are informational links to a well-known service and do not involve the automated download or execution of remote content.
- [COMMAND_EXECUTION]: The skill defines a domain-specific language (DSL) for formulas (e.g., date arithmetic, string manipulation). These expressions are designed to be interpreted by the Obsidian application and are not executed as system commands or shell scripts by the agent.
- [SAFE]: No credentials, secrets, or sensitive configuration files (e.g., .ssh, .aws) are targeted or hardcoded.
- [SAFE]: No obfuscation techniques, hidden characters, or encoded payloads were detected in the documentation or examples.
Audit Metadata