tldr

Pass

Audited by Gen Agent Trust Hub on May 27, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's functionality is transparent and strictly aligned with its stated purpose of managing conversation notes in an Obsidian vault.
  • [COMMAND_EXECUTION]: The skill performs local file system operations, including reading, writing, and deleting files within the vault's directory structure. These operations are triggered by user commands, and deletion requires explicit confirmation from the user to prevent accidental data loss.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it summarizes conversation history and stores it in files (like memory.md or project-specific TLDR files) that are subsequently read back into the agent's context. This is a characteristic of the skill's primary function.
    • Ingestion points: The skill reads from the active conversation context and existing vault files (memory.md, tldr.md).
    • Boundary markers: Absent; the summaries are stored as standard markdown without specific delimiters to isolate potentially untrusted content.
    • Capability inventory: The skill has file system read, write, and delete capabilities.
    • Sanitization: Content is summarized but not explicitly sanitized or escaped to prevent the persistence of malicious instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 27, 2026, 09:30 AM