Skills
skills/ar9av/obsidian-wiki/wiki-capture/Gen Agent Trust Hub

wiki-capture

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses sensitive local file paths, specifically ~/.obsidian-wiki/config and .env. While these are used to retrieve configuration parameters like OBSIDIAN_VAULT_PATH, .env files are standard locations for storing sensitive environment variables and API keys.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8).
  • Ingestion points: The skill ingests untrusted data from the current conversation history to generate wiki notes.
  • Boundary markers: No explicit boundary markers or instructions to disregard embedded commands in the conversation are provided.
  • Capability inventory: The skill possesses file-read and file-write capabilities across the vault path and tracking files (SKILL.md).
  • Sanitization: There is no explicit sanitization or validation of the conversation content before the agent processes and writes it to the local file system.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 02:55 PM