tag-taxonomy

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted markdown files within the user's vault to manage tags, creating an indirect prompt injection surface. Ingestion points: Vault files and taxonomy metadata. Boundary markers: Absent. Capability inventory: Extensive file reading and writing within the vault. Sanitization: Not provided.
  • [DATA_EXFILTRATION]: The skill instructs the agent to read sensitive local files, such as .env and ~/.obsidian-wiki/config, to resolve its configuration. This exposes local environment variables to the model context.
  • [NO_CODE]: The skill contains only instructional markdown and lacks executable code or scripts.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 12:14 AM
Security Audit — agent-trust-hub — tag-taxonomy