skills/olivoil/skills/weekly-rollup/Gen Agent Trust Hub

weekly-rollup

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes user-controlled content from Markdown files (daily notes, meeting notes, and coding sessions) to generate its summary.
    • Ingestion points: Processes content from all files within the Daily Notes/, Meetings/, and Coding/ directories.
    • Boundary markers: The instructions do not specify any delimiters or safety warnings to ensure the agent ignores potential instructions embedded within the notes it reads.
    • Capability inventory: The agent can read and write files to the local filesystem and execute commands via the obsidian CLI tool.
    • Sanitization: There is no evidence of filtering or validation for the content retrieved from the notes before it is interpolated into the summary generation prompt.
  • [COMMAND_EXECUTION]: The skill uses the obsidian CLI tool to perform operations such as retrieving vault paths, reading links, and creating files. While these are legitimate actions for an Obsidian-focused tool, they represent execution of local system commands.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 06:33 PM