vault-qmd
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of local qmd commands (status, query, search, get, ls, update, embed) for vault management.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface:
  1. Ingestion points: Reads vault notes via qmd query, qmd search, and qmd get (SKILL.md).
  2. Boundary markers: No explicit use of delimiters or ignore instructions for note content.
  3. Capability inventory: Ability to update indices and append to logs via qmd update, vault-index, and vault-log (SKILL.md).
  4. Sanitization: No validation or sanitization of retrieved markdown content is mentioned.