The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the Bash tool to manage the Obsidian vault's filesystem, performing operations like directory creation (mkdir -p), moving files (mv), and deleting notes (rm). These operations are localized to the user-provided vault path and include instructions to seek user confirmation for destructive actions.
[PROMPT_INJECTION]: An indirect prompt injection surface exists because the skill reads content from markdown files in the Obsidian vault using Read, Glob, and Grep. Content within these notes could theoretically contain instructions designed to manipulate the agent's behavior during reasoning or context-gathering tasks.
Ingestion points: notes are ingested in assets/modes/READ.md through search and read operations.
Boundary markers: The skill lacks explicit technical boundary markers for untrusted data, although it instructs the agent to cite sources and distinguish quotes from interpretation.
Capability inventory: The skill possesses file modification capabilities (Write, Edit) and deletion capabilities (Bash rm) as defined in assets/modes/SYNC.md.
Sanitization: No automated sanitization or filtering of note content is implemented.

obsidian