obsidian-reader

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs the agent to read and quote note contents verbatim (and present full content if requested) and uses filesystem reads/grep, so any API keys or passwords stored in the vault would be returned in the agent's output, creating an exfiltration risk.