obsidian-knowledge

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a custom obsidian CLI to perform file system operations including reading, creating, appending, and moving files within a designated vault. It also executes shell commands to ensure the Obsidian application is running.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from external web sources through the Clipping Save and Knowledge Organizer workflows. Instructions require the agent to extract and summarize knowledge from these sources, which could contain malicious directives.
      • Ingestion points: External web content fetched via the search-and-fetch skill is processed in SKILL.md under the 'Clipping Save' and 'Knowledge Organizer' roles.
      • Boundary markers: No specific delimiters or safety instructions are used to separate untrusted web content from the agent's core instructions.
      • Capability inventory: The skill allows for reading, writing, and moving files using the obsidian CLI, providing a significant impact area if the agent is manipulated by malicious data.
      • Sanitization: There is no evidence of sanitization or filtering of the content retrieved from external sources before it is analyzed and recorded.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 5, 2026, 05:16 PM