The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to the way it processes vault data.
Ingestion points: Note bodies are read using the obsidian_read_note tool during the scanning phase.
Boundary markers: The instructions do not define delimiters or specific 'ignore' instructions for the content retrieved from notes.
Capability inventory: The skill has the ability to modify notes via obsidian_replace_in_note and perform semantic analysis via obsidian_rag_query.
Sanitization: No sanitization or validation of note content is performed before the agent processes it for link matching or RAG queries.

cross-linker