graph-colorize
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill performs standard file system operations required for its functionality, including reading configuration files from the user's home directory (
~/.obsidian-wiki/config) and the project root (.env). It also performs globbing of markdown files and writes to the Obsidian configuration file (graph.json). - [DATA_EXFILTRATION]: No network operations or data transmission patterns were detected. The skill's scope is limited to local configuration management and file reading within the designated vault path.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data by reading tags from the frontmatter of all markdown files in the vault (
$VAULT_PATH/**/*.md). This data influences the generation of thecolorGroupsconfiguration array. While a user could theoretically craft malicious tags to influence the graph's visual configuration, the impact is strictly limited to UI settings within Obsidian and does not lead to code execution or data leakage. - Ingestion points: Frontmatter
tagsparsed from markdown files during the globbing process inSKILL.md. - Boundary markers: None explicitly defined; the agent is expected to parse standard YAML frontmatter.
- Capability inventory: File reading (vault markdown), file writing (graph.json), and logging (
log.md). - Sanitization: The skill instructs the agent to convert findings into a structured JSON array for the
colorGroupsfield, effectively sanitizing the input into a static configuration format.
Audit Metadata