Skills
skills/orange-brother/obsidian-skills/dev-log/Gen Agent Trust Hub

dev-log

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to gather repository metadata, including git log, git diff, git status, and gh pr view (Step 2). It also utilizes obsidian search commands via the obsidian-cli (Step 2.5).
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted data from git commit logs and pull request content.
  • Ingestion points: Output from git log and gh pr view (SKILL.md, Step 2).
  • Boundary markers: Absent; there are no delimiters used to isolate git/PR data from the agent's instructions.
  • Capability inventory: The skill can write markdown files to the local filesystem and perform self-modification (SKILL.md, Steps 0 and 4).
  • Sanitization: No validation or sanitization of ingested git metadata is performed.
  • [COMMAND_EXECUTION]: The skill performs a self-configuration step by instructing the agent to modify the SKILL.md file's content to persist the user's Obsidian vault path (Step 0).
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 01:29 AM
Security Audit — agent-trust-hub — dev-log