tag-taxonomy
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted markdown files within the user's vault to manage tags, creating an indirect prompt injection surface. Ingestion points: Vault files and taxonomy metadata. Boundary markers: Absent. Capability inventory: Extensive file reading and writing within the vault. Sanitization: Not provided.
- [DATA_EXFILTRATION]: The skill instructs the agent to read sensitive local files, such as .env and ~/.obsidian-wiki/config, to resolve its configuration. This exposes local environment variables to the model context.
- [NO_CODE]: The skill contains only instructional markdown and lacks executable code or scripts.
Audit Metadata