obsidian-cli
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Interacts with the local environment by executing the obsidian binary. Commands are constructed using bash arrays ("${cmd[@]}"), which effectively prevents shell injection vulnerabilities by ensuring arguments are not interpreted as shell commands.
- [SAFE]: Implements a portable timeout mechanism (trying timeout, gtimeout, or a perl fallback) to prevent the agent from hanging on unresponsive Inter-Process Communication (IPC) calls to the Obsidian desktop app.
- [SAFE]: Local configuration and vault preferences are stored in ~/.sd0x/obsidian-cli.env with restricted permissions (umask 077), ensuring that the skill's state and configuration are kept private from other users on the system.
- [SAFE]: The skill uses obsidian read and obsidian search to ingest data from the local vault. While this creates a surface for indirect prompt injection, the risk is minimized as the data is sourced from the user's personal notes rather than untrusted external sources, and the implementation follows standard tool-use patterns.
Audit Metadata