cli-anything-obsidian
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
cli-anything-obsidianPython package from an external registry. This is the core package for the skill and is maintained by the skill's author. - [COMMAND_EXECUTION]: The skill functions by executing the
cli-anything-obsidiancommand-line utility, which interacts with the local Obsidian application and its file vault via a REST API. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads data from an external source (Obsidian notes) that could contain untrusted instructions. 1. Ingestion points:
vault readcommand (SKILL.md). 2. Boundary markers: Absent; no specific instructions are provided to the agent to ignore instructions embedded in note content. 3. Capability inventory:vault create,vault update,vault delete,vault append, andcommand execute(SKILL.md) allow for file system modification and Obsidian command execution. 4. Sanitization: Absent; the skill does not specify any sanitization or validation of the content retrieved from notes before processing.
Audit Metadata