save-term
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted data to be written into vault notes.\n
- Ingestion points: User-supplied terms and quotes processed in SKILL.md.\n
- Boundary markers: The skill lacks explicit markers or instructions to isolate the user-provided terminology and source quotes from the note templates.\n
- Capability inventory: The skill uses the Write tool and Obsidian CLI to read from and write to the local file system.\n
- Sanitization: The skill identifies potential filename conflicts and suggests safe filesystem variants, but does not provide sanitization for the note content itself.
Audit Metadata