ai4pkm-helper

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the ai4pkm CLI tool to perform all actions, including orchestrator management, agent execution, and status monitoring.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection through its data ingestion capabilities.
  • Ingestion points: Processes untrusted content from local directories, Apple Notes folders, and Apple Photos albums.
  • Boundary markers: There are no explicit delimiters or instructions provided in the configuration to separate processed content from instructions.
  • Capability inventory: The system can execute commands through AI executors like claude_code and gemini_cli and manage local filesystem tasks.
  • Sanitization: The skill lacks evidence of input sanitization or filtering to prevent malicious instructions within ingested data from influencing agent behavior.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 02:49 PM