obsidian-knowledge-filter

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The workflow explicitly extracts and writes verbatim content from the user's Markdown files into YAML/MD outputs (and uses those contents in generated analyses) without any mention of redaction, so any secrets present in the files (API keys, tokens, passwords) would be included in the agent's outputs and risk exfiltration.