obsidian-cli

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the obsidian CLI for vault management. It explicitly instructs the agent to verify syntax using obsidian help and avoid creating unsupported commands, which prevents accidental or malicious command malformation.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads and searches through external markdown notes.
    • Ingestion points: Content is ingested via the read, search, and daily:read commands (defined in SKILL.md and references/commands.md).
    • Boundary markers: There are no instructions for using delimiters or boundary markers when handling note content.
    • Capability inventory: The skill can execute potentially sensitive operations like delete, move, plugin:install, and publish:site.
    • Sanitization: The skill does not specify any sanitization or validation of the ingested note data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 12:52 PM