obsidian-sync

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly reads full file contents and injects them verbatim into mcp__obsidian__write_note calls (content/frontmatter fields), which would cause any secrets present in source files to be output/exfiltrated by the LLM.