tasks

Warn

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute obsidian CLI commands. User input is placed directly into shell arguments (e.g., content="...", file="..."). If the input contains shell metacharacters like backticks, semicolons, or pipes, it could lead to arbitrary command execution on the host system.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
      1. Ingestion points: Untrusted data enters the agent context via the content, file, and task parameters in SKILL.md.
      2. Boundary markers: The templates lack boundary markers or instructions to ignore embedded commands within the user input.
      3. Capability inventory: The skill has access to powerful tools including Bash, Read, Grep, and Glob across all commands in SKILL.md.
      4. Sanitization: There is no evidence of sanitization or escaping of special characters before the data is passed to the shell environment.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 9, 2026, 08:12 PM