The Agent Skills Directory

[DATA_EXFILTRATION]: The skill uses a hardcoded absolute local file path 'C:/Users/MarkusAhling/obsidian/' to check for an Obsidian vault. Hardcoding specific user directory paths is a security risk as it attempts to access local filesystem data outside the project scope and can lead to unintended data exposure if the skill is executed in environments with different security contexts.
[COMMAND_EXECUTION]: The skill installs shell scripts into '.claude/hooks/*.sh' which are configured to run automatically during lifecycle events (e.g., 'session-init', 'on-stop'). This creates a persistent mechanism for arbitrary command execution within the repository environment.
[DATA_EXFILTRATION]: The detection logic involves scanning for sensitive environment variables and service configurations, including '.envDATABASE_URL', 'Stripe', 'Sentry', and 'Slack'. While intended for framework detection, processing these sensitive files increases the risk of accidental credential exposure or exfiltration.
[COMMAND_EXECUTION]: The workflow relies on fetching shell script 'recipes' from external MCP tools (e.g., 'cc_kb_hook_recipe') and writing them to disk as executable files. This dependency on externally provided code that is then executed locally is a potential vector for malicious code injection if the source or the transport is compromised.

claude-code-setup