obsidian-wiki
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for documentation management and synthesis. It instructs the agent on how to maintain a persistent wiki across sessions.
- [COMMAND_EXECUTION]: The skill includes a local Node.js script (
scripts/init-wiki.mjs) used to scaffold the initial directory structure and markdown templates. This script uses standard Node.js modules (node:fs,node:path) to perform file system operations within the local environment as directed by the user or agent environment variables. - [INDIRECT_PROMPT_INJECTION]: The skill defines an 'Ingest' operation where the agent reads external documentation to update the wiki. While this constitutes an ingestion surface for untrusted data, the agent's instructions focus on synthesis and citation rather than executing the content of the processed data. The risk is minimized by the skill's specific focus on documentation and the LLM's inherent safety guardrails.
- [DATA_EXPOSURE]: The skill operates entirely on the local file system or specified Obsidian vault paths. There are no network operations or exfiltration patterns detected.
Audit Metadata