Skills
skills/varde80/arxiv-zotero-obsidian/obsidian-summarize/Gen Agent Trust Hub

obsidian-summarize

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external research papers.
  • Ingestion points: Data enters the system via the --abstract, --title, --authors, and --summary arguments in scripts/create_summary.py.
  • Boundary markers: The templates/paper_summary.md uses standard curly-brace placeholders (e.g., {{abstract}}) without explicit delimiters or instructions to the model to ignore potential commands embedded in the text.
  • Capability inventory: The skill is granted Bash and Write permissions, allowing it to execute local scripts and modify the filesystem (Obsidian vault).
  • Sanitization: There is no evidence of sanitization, escaping, or validation of the input strings before they are interpolated into the Markdown template or the YAML frontmatter, which could lead to formatting breakage or metadata injection.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 05:16 AM