Back to skill

Security audit

Obsidian Best Practices

Security checks across malware telemetry and agentic risk

Overview

This is a read-only Obsidian resource guide with some messy copied web content, but it does not install code, run commands, or access user data by itself.

Installing this skill should only add a bundled reference guide. Treat its recommendations as curated links with some noisy copied content, and be careful before manually running any sync commands from the references, especially modes that can revert local vault changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The manifest describes a knowledge-base skill with a curated master list of Obsidian resources for recommendations. However, this file includes raw fallback HTML, unrelated non-Obsidian website content about reserve studies, and embedded "Live Content" dumps from external sources, which goes beyond a curated resource list and changes the artifact from a clean knowledge base into a mixed scrape/archive.

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The manifest scope is recommendations for Obsidian guides, PKM methods, workflows, and Dataview snippets. This section shifts into self-promotional content, newsletter/podcast signups, contact details, and a bonus gamification resource list, which are not necessary to fulfill the stated purpose and introduce unrelated recommendation targets.

Natural-Language Policy Violations

Low
Confidence
88% confidence
Finding
This markdown file includes fallback HTML content with `lang="en"` and a client environment value `"locale":"en"`, which hard-codes English in natural-language/config text. There is no accompanying opt-in, language selection, or stated regional justification in this file, so it appears to impose a locale choice unilaterally.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.