• API keys must come from environment variables or local Obsidian settings.
• Never print API key values.
• Never commit .env, SQLite indexes, or Obsidian vault private data.

• ORDERK_SILICONFLOW_API_KEY for orderk SiliconFlow embeddings
• ORDERK_OPENAI_API_KEY / ORDERK_EMBEDDING_API_KEY for OpenAI-compatible orderk embeddings
• Hermes/SF provider keys such as HERMES_SF_API_KEY and HERMES_SILICONFLOW_API_KEY belong to Hermes chat/provider routing, not orderk production paths

The Obsidian plugin shells out to the CLI. It does not parse or persist embedding API keys by default in this skeleton.

• Search/MCP remain read-only and do not expose note-write tools.
• orderk jianling is CLI-only in this slice and writes generated Markdown only under brain/ plus receipts/evidence/watermarks under .orderk/jianling/.
• Raw transcripts and raw notes are read as evidence; Jianling must not rewrite files under raw/.
• Generated excerpts redact common secret labels and token shapes before being stored in evidence packs.
• Jianling refuses symlinked generated-output paths, symlinked lock/sidecar targets, and unsafe scheduler deletion of files that were not generated by orderk jianling enable.

git grep -nE 'OPENAI_API_KEY|ANTHROPIC_API_KEY|NPM_TOKEN|GITHUB_TOKEN|sk-[A-Za-z0-9]|ghp_[A-Za-z0-9]|BEGIN (RSA|OPENSSH|EC|DSA) PRIVATE KEY' -- . ':!package-lock.json' ':!Cargo.lock'