The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill's automated installation process requires cloning a repository from an unverified GitHub user ('GumbyEnder') and downloading binary assets from the 'obsidian-community' organization. These sources are not established trusted entities.
[REMOTE_CODE_EXECUTION]: The recommended installation method involves running a shell script ('hermes-kanban-install.sh') directly after cloning a remote repository. This allows for the execution of arbitrary commands from an unverified external source on the user's system.
[COMMAND_EXECUTION]: The skill instructions require the user to execute shell scripts and modify system firewall settings using administrative commands ('netsh advfirewall'). These operations grant the skill and its associated plugin significant control over the host's networking and security posture.
[DATA_EXFILTRATION]: The configuration guide encourages users to bind the REST API server to all network interfaces ('0.0.0.0') and open firewall ports to allow remote access. Since this server has direct read/write access to the Obsidian vault (which often contains sensitive personal or professional data), this creates a high risk of unauthorized data access or exfiltration by remote actors.
[PROMPT_INJECTION]: The skill processes untrusted content from the Obsidian vault (Markdown notes and metadata) to drive agent behavior. The lack of defined boundary markers or sanitization logic makes it susceptible to indirect prompt injection, where malicious instructions hidden in a note could influence the agent's actions.

hermes-kanban-obsidian-integration