obsidian-kanban
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill is entirely composed of markdown instructions and does not contain any executable scripts, binaries, or code files.\n- [PROMPT_INJECTION]: The skill instructions create a surface for indirect prompt injection by directing the agent to read and act on content from external markdown files.\n
- Ingestion points: Data is ingested from the Obsidian kanban markdown file referenced in the workflow sections of SKILL.md.\n
- Boundary markers: The skill does not define any delimiters or provide instructions to the agent to disregard commands embedded within the kanban file's content.\n
- Capability inventory: The agent possesses the capability to read and modify local files through its environment tools as described in the task movement workflow.\n
- Sanitization: There are no mechanisms described for sanitizing or validating the content extracted from the kanban files before the agent processes or displays it.
Audit Metadata