wiki-lint

Fail

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell utilities including grep, sort, and comm for data analysis. The Synthesis Gaps check specifically instructs the agent to interpolate concept names—which are derived from vault file names and page content—directly into a bash command string. This creates a risk of command injection if the vault contains malicious file names or content designed to break out of the shell command context.
  • [PROMPT_INJECTION]: The skill possesses a significant attack surface for indirect prompt injection as it ingests and processes untrusted markdown content to drive file operations and metadata updates.
    • Ingestion points: Markdown file bodies, frontmatter fields, and file names within the Obsidian vault as defined in SKILL.md.
    • Boundary markers: The skill does not define delimiters or provide instructions to the agent to ignore embedded commands within the files being audited.
    • Capability inventory: File system modifications including moving files, writing content, and updating frontmatter; local shell command execution.
    • Sanitization: No sanitization or escaping logic is provided for data extracted from the vault before it is used in automated logic or command line execution.
  • [DATA_EXFILTRATION]: The skill accesses the sensitive .env file to retrieve the OBSIDIAN_VAULT_PATH. It also performs automated content scanning for sensitive data patterns including password, api_key, secret, and token as part of its visibility audit functionality.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: May 6, 2026, 08:38 PM