search-discovery

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
COMMAND_EXECUTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to interact with the obsidian CLI. This includes commands for full-text search, metadata queries, and bulk renaming of tags within the user's local vault.
  • [PROMPT_INJECTION]: The skill acts as an interface for reading note content, which presents a surface for indirect prompt injection if notes contain malicious instructions.
      • Ingestion points: Note content, tags, and link metadata are ingested from the Obsidian vault (SKILL.md).
      • Boundary markers: No explicit delimiters are used to wrap or sanitize content retrieved from the vault notes.
      • Capability inventory: The skill possesses the ability to execute shell commands via Bash and read files using Read, Grep, and Glob (SKILL.md).
      • Sanitization: There is no evidence of sanitization or filtering of note content before it is processed by the agent.

Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 01:17 AM