obsidian-cli
Warn
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on executing shell commands through the `obsidian` CLI tool to perform vault operations and developer tasks.
- [REMOTE_CODE_EXECUTION]: The skill provides instructions for using the `obsidian eval` command, which allows for the execution of arbitrary JavaScript code directly within the running Obsidian application context.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface because it ingests untrusted data from external files.
  * Ingestion points: Note content is brought into the agent's context through the `obsidian read` and `obsidian search` commands.
  * Boundary markers: The skill does not provide any instructions to use delimiters or ignore instructions found within the note content.
  * Capability inventory: The agent has access to highly sensitive capabilities, including app-context code execution (`obsidian eval`) and the ability to modify vault files (`obsidian create`, `obsidian append`).
  * Sanitization: There is no mention of sanitizing or validating the content retrieved from notes before it is processed by the agent.
Audit Metadata