obsidian-project-lifecycle

SUSPICIOUS. The stated purpose matches the visible capabilities: local Obsidian lifecycle management with archive/purge/rename flows. However, execution trust is weakened because the core behavior is delegated to an unverified local helper script outside this skill, with no public provenance or release verification in the evidence. No credential handling, network exfiltration, or third-party routing is shown, so the main concern is opaque local code plus destructive filesystem actions rather than confirmed malicious behavior.