The Agent Skills Directory

[SAFE]: The skill operates entirely on local files within a user-specified vault path. It performs read-only diagnostics to identify structural issues in Markdown notes.
[PROMPT_INJECTION]: The skill has an indirect prompt injection surface because its diagnostic scripts (e.g., find_broken_links.py, find_orphans.py) read and process the content of all Markdown files in the targeted vault. Malicious instructions embedded within a note's wikilinks or frontmatter could potentially influence the agent's behavior when it reviews the diagnostic output.
Ingestion points: The Python scripts in the scripts/ directory read .md file content from the user-provided vault path using Path.read_text().
Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are used when processing note content.
Capability inventory: The skill utilizes local Python scripts and references external CLI tools (obsidian, qmd) for additional diagnostics.
Sanitization: The scripts use basic regular expressions and string splitting for parsing, which is standard for diagnostic tools but does not provide advanced sanitization of note contents.
[COMMAND_EXECUTION]: The SKILL.md file instructs the agent to execute provided Python scripts and external CLI utilities. These operations are essential to the skill's primary purpose of vault maintenance and do not involve shell injection vulnerabilities in the scripts themselves.

ideaverse-maintenance