islandiguana

SUSPICIOUS: the skill’s purpose and file access are coherent for Obsidian vault search/editing, and no exfiltration or credential harvesting is evident. The main issue is that core functionality depends on an unverifiable local binary with write access to the vault, which forces a high security-risk classification even without clear malicious intent.