vault-wikilinks
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is focused on local file maintenance and uses a restricted set of tools (Read, Edit, Grep, Glob). No evidence of malicious intent, unauthorized command execution, or harmful patterns was found.\n- [DATA_EXFILTRATION]: While the skill accesses local vault content, it does not have network access or tools like curl/wget enabled, precluding the possibility of data exfiltration.\n- [INDIRECT_PROMPT_INJECTION]: The skill processes user-controlled data within the Obsidian vault, presenting a standard attack surface.\n
- Ingestion points: Markdown files across the vault are scanned using the Grep and Glob tools (SKILL.md).\n
- Boundary markers: Instructions explicitly direct the agent to avoid modifying links inside code blocks or YAML frontmatter.\n
- Capability inventory: The agent uses Read and Edit tools for local file operations (SKILL.md).\n
- Sanitization: The skill provides strict rules for preserving original aliases and requires reporting ambiguous targets to the user, mitigating automated injection risks.
Audit Metadata