obsidian
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill automates the installation of the
obsidian-cliutility using Homebrew from theyakitrak/yakitrak/obsidian-clirepository. - [COMMAND_EXECUTION]: The skill reads the local Obsidian configuration file located at
~/Library/Application Support/obsidian/obsidian.jsonto identify active vault paths. - [COMMAND_EXECUTION]: The skill provides instructions for executing various
obsidian-clicommands to perform search, creation, move, and deletion operations on Markdown notes within the vault. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its interaction with untrusted content in Markdown files.
- Ingestion points: The skill reads file content through
obsidian-cli search-contentand direct file access. - Boundary markers: No specific delimiters or instructions to ignore embedded commands are present.
- Capability inventory: The skill possesses capabilities to create, move, and delete files within the local filesystem via
obsidian-cliand standard file operations. - Sanitization: No sanitization or validation of the content retrieved from the notes is specified.
Audit Metadata