Skills
skills/zpankz/obsidian-skills/notemdpro-content-generator/Gen Agent Trust Hub

notemdpro-content-generator

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches web content via search providers (Tavily, DuckDuckGo) and direct URL fetching to provide context for content generation.
  • [COMMAND_EXECUTION]: Performs automated file system operations including batch markdown generation and file-based syntax repair for Mermaid diagrams.
  • [PROMPT_INJECTION]: Risk of indirect prompt injection through external data ingestion.
  • Ingestion points: Web content retrieved via _performResearch and fetchContentFromUrl in SKILL.md.
  • Boundary markers: The prompt template in SKILL.md uses a {RESEARCH_CONTEXT_SECTION} placeholder but lacks explicit instructions to ignore potentially malicious directions within that context.
  • Capability inventory: The skill has file system write access (batchGenerateContentForTitles, fixMermaidSyntaxInFile) and network read capabilities.
  • Sanitization: No security-focused sanitization is documented; only formatting-related cleanup (cleanupLatexDelimiters, refineMermaidBlocks) is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 02:49 PM