Skills
skills/ar9av/obsidian-wiki/wiki-rebuild/Gen Agent Trust Hub

wiki-rebuild

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: An indirect prompt injection surface is present because the skill ingests data from a local vault and has the capability to modify or delete files.
  • Ingestion points: The skill reads .manifest.json, archive-meta.json, and various wiki content files (e.g., concepts/, entities/) as part of the archival and restoration process.
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands within the vault files are mentioned.
  • Capability inventory: The skill possesses the ability to create directories, copy files, and delete content across the live wiki structure in SKILL.md.
  • Sanitization: There is no evidence of sanitization or validation of the content processed from the vault files.
  • [SAFE]: The skill reads the .env file to retrieve the OBSIDIAN_VAULT_PATH. This is a standard practice for local configuration and no network exfiltration of environment data is performed.
  • [SAFE]: The skill performs destructive operations, such as clearing directories, which are the primary intended functions for 'starting fresh'. These actions are mitigated by mandatory user confirmation and the creation of an archive before proceeding.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 08:38 PM