wiki-dashboard
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's operations are confined to the local file system for the purpose of vault management. No malicious patterns, obfuscation, or remote code execution were identified.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes content from the user's Obsidian vault to inform its dashboard creation logic.
- Ingestion points: The agent reads the vault's index file at '$OBSIDIAN_VAULT_PATH/index.md' and inspects the frontmatter of notes across the vault.
- Boundary markers: There are no explicit delimiters or specific instructions to the agent to disregard potential instructions embedded within the vault files being read.
- Capability inventory: The skill enables the agent to write new YAML files ('.base' files) to the '_meta/' directory and modify existing markdown notes to embed these dashboards.
- Sanitization: The skill does not describe any specific sanitization or validation steps for the content ingested from the vault files before using that data to build queries.
Audit Metadata