notemdpro-batch-processor
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides structured guidance for batch processing markdown files using concurrency control and exponential backoff. It includes performance optimizations like stripping Base64 data to avoid memory issues.
- [PROMPT_INJECTION]: Analysis of the data ingestion surface identifies that the skill processes untrusted markdown content from a vault and capture raw API response text in logs, creating a surface for indirect prompt injection if the agent reads these logs. \n
- Ingestion points: Reads all markdown files from the local vault via app.vault.getMarkdownFiles() and logs raw API response text to local files. \n
- Boundary markers: Guidelines for chunking respect markdown headers and code blocks, but do not include explicit security delimiters for LLM inputs or log parsing. \n
- Capability inventory: Performs file system read/write operations, executes network API calls, and processes external data. \n
- Sanitization: Implements Base64 string removal for performance, though it lacks semantic filtering of prompt-based instructions within processed text or error logs.
Audit Metadata