vault-boot

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill triggers shell commands like 'cmd.exe /c start' or 'Start-Process' to open the file '00_Dashboard/dashboard.html' in the system browser. This is an intended functional step for the dashboard display.
  • [PROMPT_INJECTION]: The skill processes untrusted data from vault files, creating a surface for indirect prompt injection.
      • Ingestion points: Contents of 'TASKS.md', 'PROJECT_STATE.md', and other vault files are read into the agent context using obsidian_get_file_contents.
      • Boundary markers: The output template lacks delimiters or ignore-instructions to isolate the ingested file content from the agent's logic.
      • Capability inventory: The skill can execute shell commands to launch the browser.
      • Sanitization: No validation or sanitization is performed on the data retrieved from the vault.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 03:40 AM