Obsidian Canvas Creator

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Obsidian Canvas helper with some routing and text-fidelity caveats, but no evidence of hidden execution, credential use, exfiltration, or persistence.

Install this if you want Claude Code to generate Obsidian Canvas JSON from your text. Use explicit requests like 'Obsidian Canvas' or '.canvas' to avoid accidental activation, and review generated canvas content if exact quote preservation matters.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (5)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger phrases for the skill set are broad and overlap with normal user requests for diagrams or mind maps, which can cause the skill to activate when the user did not explicitly intend to use it. In a prompt-driven agent system, unintended activation increases the chance of inappropriate file creation, instruction interference, or routing sensitive content into a skill with different assumptions than the base agent.

Vague Triggers

Medium

Confidence: 96% confidence
Finding: The Mermaid trigger list includes generic terms like 'visualize' and 'flowchart', which are common in ordinary requests and may activate the skill outside its intended scope. This broad matching can cause accidental tool selection, mis-handle user content, or let prompt-level instructions from the skill override safer default behavior for unrelated tasks.

Vague Triggers

Low

Confidence: 88% confidence
Finding: The Canvas trigger words are somewhat vague, especially terms like 'mind map' and 'visual diagram', so the skill may activate for general brainstorming or visualization requests that were not meant for Obsidian Canvas output. The impact is lower than the other findings because the trigger set is more limited and tied to Canvas context, but it still creates avoidable ambiguity in agent behavior.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger phrases for this visualization skill are broad terms like "Canvas", "思维导图", and "可视化图表", which can overlap with ordinary user requests and cause unintended invocation of the skill. In an agent environment, overly generic triggers can route unrelated content into file-generation behavior, increasing the chance of unintended writes, incorrect task selection, or prompt-scope confusion.

Natural-Language Policy Violations

Medium

Confidence: 91% confidence
Finding: The specification instructs unconditional character substitutions for Chinese content, altering user data in a locale-specific way without consent or clear necessity. In this skill's context, that can corrupt note contents, break expected quoting semantics, and produce misleading or lossy canvas text for multilingual users.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal