Skills
skills/claude-office-skills/skills-hub/Obsidian Automation/Gen Agent Trust Hub

Obsidian Automation

Pass

Audited by Gen Agent Trust Hub on Jun 3, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection within the web clipping and research automation features.
  • Ingestion points: External data enters the agent context via the web_clipper tool (which processes page titles, URLs, and selections) and the research_workflow (which gathers external sources) as defined in SKILL.md.
  • Boundary markers: There are no explicit delimiters or boundary instructions to separate untrusted external content from the agent's core instructions.
  • Capability inventory: The skill possesses capabilities to write to the filesystem and search local notes through tools like obsidian_create_note, obsidian_search, and obsidian_link in SKILL.md.
  • Sanitization: The skill lacks evidence of sanitization, escaping, or validation of external content before it is interpolated into templates or note creation tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 3, 2026, 02:51 PM
Security Audit — agent-trust-hub — Obsidian Automation