vault-files
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform file system operations within an Obsidian vault using the 'obsidian' CLI, including reading, creating, moving, and deleting files.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests untrusted data from existing notes. 1. Ingestion points: 'obsidian read' and 'obsidian daily:read' (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Subprocess execution via Bash for note modification and deletion (SKILL.md). 4. Sanitization: Absent.
Audit Metadata