Skills
skills/zpankz/obsidian-skills/obsidian-plugin-code-quality/Gen Agent Trust Hub

obsidian-plugin-code-quality

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill functions as a documentation and style guide for Obsidian plugin development. It does not contain any executable scripts, remote downloads, or commands that interact with the host system.
  • [SAFE]: It actively promotes security best practices by instructing developers to avoid innerHTML and outerHTML, which are common vectors for Cross-Site Scripting (XSS) attacks, and suggests safer alternatives like textContent and Obsidian's DOM helpers.
  • [SAFE]: The guidance on using requestUrl() instead of the standard fetch() is a legitimate architectural recommendation for the Obsidian platform to handle CORS correctly within the application environment.
  • [SAFE]: Other recommendations, such as avoiding global objects, managing async patterns properly, and validating metadata files (manifest.json, LICENSE), align with standard production-readiness guidelines and do not pose any security threat.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 02:49 PM