pp-obsidian

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the obsidian-pp-cli and obsidian-pp-mcp binaries from the author's official GitHub repository (github.com/mvanhorn/printing-press-library) and NPM registry (@mvanhorn/printing-press-library).
  • [COMMAND_EXECUTION]: Executes the obsidian-pp-cli tool to perform vault analytics, search files, and retrieve note content.
  • [DATA_EXFILTRATION]: The CLI tool includes a --deliver webhook: feature that allows sending command results, which may contain sensitive vault data, to external network endpoints.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from the user's Obsidian vault and possesses network and file-writing capabilities, representing a surface for indirect prompt injection.
  • Ingestion points: Reads Obsidian note content via the notes command.
  • Boundary markers: None present.
  • Capability inventory: File writing via --deliver file and network POSTs via --deliver webhook.
  • Sanitization: None described for processed note content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 07:45 AM
Security Audit — agent-trust-hub — pp-obsidian