obsidian-cli-skills
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a disclosed Obsidian command reference, but it can read, change, and delete local notes, so users should use destructive commands carefully.
Before installing, confirm you trust the obsidian-cli binary, verify which vault it will use, and require confirmation before any delete, overwrite, move, or metadata-edit command.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Accidental or poorly scoped use could rename, modify, or delete notes in the user's Obsidian vault.
The skill documents commands that can move, delete, and edit Obsidian notes. This is aligned with the stated purpose, but it can permanently change local user content if invoked without care.
obsidian-cli move "旧路径" "新路径" ... obsidian-cli delete "笔记名" ... obsidian-cli frontmatter "笔记名" --edit --key "key名" --value "值"
Use explicit user confirmation for delete, overwrite, move, and frontmatter-edit operations, and keep vault backups.
If a user has an unexpected or untrusted obsidian-cli binary in their environment, the skill's commands would use that binary.
The skill's instructions rely on an obsidian-cli command, but the registry does not declare or install that binary. This is not hidden execution, but users must verify the CLI provenance themselves.
No install spec — this is an instruction-only skill. ... Required binaries (all must exist): none
Install obsidian-cli only from a trusted source and confirm which binary is on PATH before using the skill.
Private notes or instructions written inside notes could be exposed to, or influence, the agent during use.
The skill can print and search note contents, which may place private vault text into the agent's working context. This is expected for an Obsidian note-management skill.
obsidian-cli print "笔记名" ... obsidian-cli search-content "关键词"
Only retrieve notes needed for the task, avoid storing secrets in notes used with agents, and treat note text as user data rather than trusted instructions.
The agent may operate against vaults discovered from the user's local Obsidian configuration.
The skill notes that the CLI reads local Obsidian application configuration to find vault information. This is purpose-aligned and not shown to access credentials, but it is local profile/config access users should understand.
The CLI obtains vault information from `~/Library/Application Support/obsidian/obsidian.json`
Verify the selected vault before running commands, especially destructive ones, and use the --vault option or set-default intentionally.
