obsidian
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'obsidian-cli' tool via a third-party Homebrew tap ('yakitrak/yakitrak/obsidian-cli').
- [COMMAND_EXECUTION]: The skill executes various 'obsidian-cli' commands to manage files on the local disk, including searching, creating, and deleting notes. It also reads the local Obsidian configuration file at '~/Library/Application Support/obsidian/obsidian.json' to locate vault paths.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting content from Markdown notes which are processed by the agent.
  * Ingestion points: The skill reads note content via 'obsidian-cli search-content' (SKILL.md).
  * Boundary markers: No boundary markers or instructions to ignore embedded commands are present.
  * Capability inventory: The skill has capabilities to create, move, and delete files on the local system (SKILL.md).
  * Sanitization: No sanitization or validation of note content is performed before processing.