Skills
skills/muzhicaomingwang/ai-ideas/obsidian-organize/Gen Agent Trust Hub

obsidian-organize

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill provides bash command templates that perform file movement and permanent deletion.
  • Evidence: The file SKILL.md contains commands like rm -rf "/path/to/Obsidian Vault/SourceFolder" and cp -r "/path/to/Obsidian Vault/SourceFolder/"*.
  • Risk: If the agent incorrectly identifies the vault path or is manipulated into targeting sensitive system directories, it could cause irreversible data loss.
  • [INDIRECT_PROMPT_INJECTION] (MEDIUM): The skill is designed to process external content (local filesystem directory structures) and possesses the capability to modify or delete files.
  • Ingestion points: SKILL.md uses ls -la and find to ingest directory structures.
  • Boundary markers: None identified. The skill does not provide instructions to distinguish between metadata and potential malicious content within folder names.
  • Capability inventory: mkdir, cp, rm -rf.
  • Sanitization: The skill uses double-quoting in shell examples, but the security depends entirely on the underlying agent's ability to safely interpolate user-provided paths into these commands without introducing shell injection vulnerabilities.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:35 AM