obsidian-vault

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) due to its core design of reading and processing external data from the Obsidian vault.
      • Ingestion points: The skill relies on reading the VAULT.md file and individual notes using the mcp__obsidian__view tool to determine organizational rules and content placement.
      • Boundary markers: No explicit boundary markers or delimiters are defined to isolate untrusted note content from the agent's internal instructions.
      • Capability inventory: The skill utilizes several powerful tools including mcp__obsidian__vault (list, create, move), mcp__obsidian__edit (edit, append), and mcp__obsidian__graph (statistics, neighbors, forwardlinks, traverse) which allow the agent to modify the file system and connectivity structure.
      • Sanitization: The skill does not implement sanitization or validation of the data read from the vault before using it to generate updates or index entries.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 03:20 AM