Skills
skills/ar9av/obsidian-wiki/wiki-switch/Gen Agent Trust Hub

wiki-switch

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses bash commands (ln -sf, cp) to manage configuration files. There is a potential risk of command injection if the <name> parameter provided by the user is not properly sanitized before being interpolated into the shell command (e.g., ln -sf ~/.obsidian-wiki/config.<name> ...).
  • [DATA_EXPOSURE]: The skill reads and displays the contents of configuration files located at ~/.obsidian-wiki/config.*. While it includes logic to redact lines containing API_KEY or SECRET, it still exposes the rest of the configuration data to the agent's context and the user session.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from local configuration files which could be modified by external processes.
  • Ingestion points: ~/.obsidian-wiki/config.* (read during list, show, and switch operations).
  • Boundary markers: None. The instructions do not specify any delimiters or warnings to ignore instructions embedded within the configuration files.
  • Capability inventory: File read (implicitly via description), file write (via cp and value updates), and command execution (ln, cp).
  • Sanitization: Limited to redacting specific secret keywords (API_KEY, SECRET) during the "Show" command output.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 08:54 AM