pp-obsidian
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the obsidian-pp-cli and obsidian-pp-mcp binaries from the author's official GitHub repository (github.com/mvanhorn/printing-press-library) and NPM registry (@mvanhorn/printing-press-library).
- [COMMAND_EXECUTION]: Executes the obsidian-pp-cli tool to perform vault analytics, search files, and retrieve note content.
- [DATA_EXFILTRATION]: The CLI tool includes a --deliver webhook: feature that allows sending command results, which may contain sensitive vault data, to external network endpoints.
- [PROMPT_INJECTION]: The skill ingests untrusted data from the user's Obsidian vault and possesses network and file-writing capabilities, representing a surface for indirect prompt injection.
- Ingestion points: Reads Obsidian note content via the notes command.
- Boundary markers: None present.
- Capability inventory: File writing via --deliver file and network POSTs via --deliver webhook.
- Sanitization: None described for processed note content.
Audit Metadata