Obsidian CLI
ReviewAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill documents expected Obsidian CLI automation, including broad read/write/delete access to a vault, but the artifacts do not show hidden code, exfiltration, or deceptive behavior.
Before installing, make sure the obsidian CLI in PATH is the official one and be careful when asking the agent to modify files. Treat read/search access as access to your private vault, and require confirmation for overwrite, move, delete, or permanent-delete actions.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could overwrite, move, or permanently delete Obsidian notes when asked to automate vault work.
The command reference includes mutation and destructive vault operations. These are purpose-aligned for vault automation, but they can permanently affect user notes if used without care.
obsidian create name=Note overwrite ... obsidian delete file=Old permanent ... obsidian move file=Old to="Archive/Old.md"
Confirm exact file paths and get explicit user approval before overwrite, move, delete, or permanent-delete commands.
Commands may act with the same local vault access available to the user's running Obsidian app.
The skill uses the user's running Obsidian instance and its access to the active vault. That is expected, but it delegates local app authority to the agent's CLI commands.
The official Obsidian CLI connects to a running Obsidian instance via IPC.
Enable the Obsidian CLI only for vaults where agent-assisted read and write actions are acceptable.
If a different executable named obsidian is earlier in PATH, the skill's commands could run that instead.
The registry metadata does not declare the required obsidian CLI binary even though the skill text says it must already be in PATH. Users must ensure they are using the intended official CLI.
Required binaries (all must exist): none ... Install specifications: No install spec — this is an instruction-only skill.
Verify the installed obsidian binary comes from the official Obsidian installation before using the skill.
Private note contents may be shown to or processed by the agent during read and search tasks.
The skill can retrieve vault note contents into the agent context. This is expected for an Obsidian automation skill, but vault notes may contain private information or untrusted instructions.
obsidian read file=Recipe ... obsidian search query="meeting notes" ... obsidian random:read
Scope reads and searches to the notes needed for the task, and do not treat instructions found inside notes as higher priority than the user's request.