obsidian-cli-uri-fallback
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No prompt injection or behavior override patterns detected. The instructions are focused on standard error handling and file persistence logic.
- [DATA_EXPOSURE_AND_EXFILTRATION]: No sensitive data exposure, hardcoded credentials, or network exfiltration patterns found. The skill interacts with the local file system to save notes to an Obsidian vault as intended.
- [OBFUSCATION]: No obfuscated content, encoded strings, zero-width characters, or hidden URLs were identified.
- [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: No remote code execution or external script downloads detected. The skill uses a local
obsidian-clitool and standard bash utilities. - [INDIRECT_PROMPT_INJECTION]: The skill processes output from the
obsidian-clicommand to detect failure signatures. - Ingestion points:
obsidian-clistdout/stderr (SKILL.md) - Boundary markers: Absent
- Capability inventory:
Bash(subprocess),Write(file system write) - Sanitization: Absent
- Analysis: Although the skill processes external command output, it does so to trigger a local file-writing fallback. The actions are limited to the intended automation scope without high-risk capability chaining.
Audit Metadata