obsidian-cron

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides templates and instructions for executing shell commands and system-level scheduling operations.
      • Evidence: references/system-schedulers.md contains Bash script skeletons and macOS launchd plist configurations (com.obsidian.morning-routine.plist) to automate tasks.
      • Evidence: SKILL.md describes the use of obsidian eval to execute arbitrary code within the Obsidian environment.
  • [DATA_EXFILTRATION]: The skill includes patterns for extracting vault data and writing it to external local storage.
      • Evidence: references/job-recipes.md and SKILL.md provide examples of exporting search results to JSON files in the user's home directory (e.g., ~/tmp/active_notes.json).
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by instructing the agent to ingest and process potentially untrusted content from Obsidian vaults.
      • Ingestion points: Vault content is read via obsidian search and obsidian daily commands as seen in references/job-recipes.md and SKILL.md.
      • Boundary markers: Absent; there are no instructions provided to separate or ignore potentially malicious instructions embedded within notes.
      • Capability inventory: The agent can execute shell scripts, write files, and interact with system schedulers (launchctl, crontab).
      • Sanitization: Absent; no validation or escaping of vault content is suggested before it is processed or exported.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 02:49 PM