obsidian-attachment-janitor
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Obsidian CLI to delete and rename files within the local vault. This behavior is transparently documented and aligned with the primary purpose of attachment management.
- [DATA_EXPOSURE]: The skill scans local Markdown files and attachment directories to build a reference map. This file access is restricted to the local environment and the skill does not include any network operations or data exfiltration patterns.
- [INDIRECT_PROMPT_INJECTION]: The skill processes content from local Markdown files to generate descriptive filenames.
  - Ingestion points: All `.md` files within the Obsidian vault.
  - Boundary markers: The skill uses specific regex-like patterns to identify embeds (e.g., `![[filename]]`) and date formats.
  - Capability inventory: Uses `obsidian delete` and `obsidian rename` shell commands.
  - Sanitization: It explicitly mandates using the `path=` parameter in CLI calls to prevent command injection or errors when handling filenames with special characters (spaces, symbols). Additionally, it requires explicit user confirmation before executing any destructive or modifying actions.
Audit Metadata