obsidian-vault-manager

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the @johnlindquist/obsidian-cli package from the NPM registry. This utility is used for maintaining vault integrity and performing Obsidian-specific operations.
  • [COMMAND_EXECUTION]: Local shell commands, including the obsidian-cli utility, sed, grep, and cat, are utilized to create, move, and search markdown files within the user's local Obsidian vault for legitimate organization tasks.
  • [PROMPT_INJECTION]: The skill reads and searches user-controlled markdown files from the Obsidian vault, creating a surface for potential indirect prompt injection.
      • Ingestion points: Note content is ingested via obsidian-cli print and obsidian-cli search-content in files like SKILL.md and references/obsidian-cli-reference.md.
      • Boundary markers: Content is not wrapped in specific delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill has capabilities to write/overwrite files (obsidian-cli create) and execute shell scripts as documented in references/obsidian-cli-reference.md.
      • Sanitization: No explicit sanitization or validation of the ingested markdown content is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 04:16 PM