vault-mocs
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions define a purely functional workflow for organizing Markdown files in a personal knowledge management system. It establishes rules for file naming, metadata tagging, and content structure that align with standard productivity workflows.
- [COMMAND_EXECUTION]: The skill uses platform-provided tools (
Read,Edit,Write,Grep,Glob) to perform file operations within the Obsidian vault. These actions are scoped to the intended purpose of managing vault notes and do not involve arbitrary command execution or shell access. - [DATA_EXFILTRATION]: There are no network operations or external communication patterns. The skill operates entirely on local vault data without attempting to transmit information to remote servers.
- [PROMPT_INJECTION]: The instructions do not contain attempts to override agent behavior, bypass safety filters, or extract system prompts. The language is instructional and focused on the task of MOC curation.
- [INDIRECT_PROMPT_INJECTION]: While the skill reads and processes user-controlled notes from an Obsidian vault (ingestion points), the capabilities are limited to file manipulation within the vault scope. The instructions include safety guidelines to preserve user-defined structures and intent, which mitigates risk.
Audit Metadata