wiki-query

Fail

Audited by Snyk on May 19, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.85). The skill contains multiple high-risk patterns — it instructs reading .env and a home config (even via symlink to the vault), writing queries to a persistent log, and routing queries/files through configurable external transports (MCP/CLI/QMD) which can transmit vault content or secrets off-host; combined with the "do not mention excluded pages" stealth guidance, these behaviors strongly enable credential harvesting and data exfiltration even if explicit malicious payloads are not hard-coded.

Issues (1)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata
Risk Level
CRITICAL
Analyzed
May 19, 2026, 10:03 AM
Issues
1
Security Audit — snyk — wiki-query