project-to-obsidian

[Skill Scanner] Credential file access detected All findings: [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] SUSPICIOUS — The skill's capabilities are mostly consistent with its stated purpose, but it requests and would read sensitive files (e.g., **/.env*, config files) and then writes generated content into targets that include an Obsidian vault via MCP or local folders. The SKILL.md lacks explicit secret-redaction, per-secret confirmation, or least-privilege guidance for MCP access. That creates a realistic risk of accidental credential exposure or unauthorized data writes. There is no direct evidence of intentional malware or external exfiltration endpoints, but the combination of broad filesystem reads and powerful write sinks means this skill should be treated with caution and should implement explicit safeguards (secret filtering, preview & approval of content, and limited-scope MCP permissions) before use. LLM verification: This skill appears functionally consistent with its stated purpose (convert a project into an Obsidian knowledge base). The main security concern is that it explicitly reads .env and config files (including potential secret values) and writes generated content into a default central location (00_Inbox/AI/...), potentially persisting sensitive data without explicit per-secret consent or redaction. There are no explicit network exfiltration endpoints or obfuscated code, and no hardcoded credential