obsidian-canvas-architect
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs local file operations (read, write, append) necessary for its stated purpose of managing an Obsidian vault. These operations are guarded by atomic write protocols (os.rename) and advisory locking to ensure stability and data integrity.
- [EXTERNAL_DOWNLOADS]: The skill depends on ruamel-yaml, a well-known and trusted library for parsing YAML while preserving formatting. This is a standard and safe dependency.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes external markdown and canvas files. However, the use of structured parsers (JSON, YAML) and the absence of executable interpolation of this data into system commands render this risk negligible.
  - Ingestion points: scripts/canvas_ops.py, scripts/vault_ops.py, and obsidian-parser/parser.py ingest file content.
  - Boundary markers: Absent; the skill relies on the agent's capability to distinguish content from instructions.
  - Capability inventory: Scripts provide file system read/write access and directory management.
  - Sanitization: Content is handled as structured text/data through established parsing libraries, preventing arbitrary code execution.