obsidian-vault-manager
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @johnlindquist/obsidian-cli package from the npm registry, which is a standard dependency for vault operations.
- [COMMAND_EXECUTION]: The skill executes shell commands via obsidian-cli and standard tools like cat and grep to manage files and search vault content.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it reads user notes. * Ingestion points: Note content is read via obsidian-cli print and search-content commands. * Boundary markers: No specific delimiters or instructions are used to isolate untrusted content from the vault notes. * Capability inventory: The skill can create or move files and install npm packages. * Sanitization: No explicit sanitization or validation of note content is performed before processing.
Audit Metadata