Skill v1.0.0

ClawScan security

Awesome Obsidian · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 21, 2026, 3:27 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill largely matches an Obsidian workflow, but its documentation references helper scripts and tools that are not shipped in the package, and it includes risky git usage patterns (an OAuth token inline in the clone URL, blanket auto-commit and push) that are potentially unsafe if followed as written.
Guidance
This package appears to be a coherent Obsidian workflow, but review it before use:
1) SKILL.md references helper scripts (obsidian_audit.py, start-canvas.sh, export-canvas.sh, save-to-file.sh) that are not included; expect that functionality to be missing.
2) Avoid cloning with 'https://oauth2:TOKEN@host/...': git stores that URL, token included, in .git/config, from where it can leak through backups or a copied vault. Use a credential helper, an SSH deploy key, or a least-privilege personal access token supplied through the credential helper rather than embedded in the URL.
3) Inspect and test quick_sync.sh: it runs 'git add . && git commit && git push', so every untracked file in the vault that is not ignored gets committed. Add or verify a .gitignore that excludes sensitive files (credentials, local plugin configuration under .obsidian/) before running it.
4) Be cautious with the suggested cron auto-sync; unattended pushes increase the chance of leaking an accidentally saved secret and may overwrite local configuration.
5) Set OBSIDIAN_VAULT to a safe path before running the scripts; the bundled defaults point to a workspace path that may not match your environment.
6) If you need the audit or canvas functionality, request the missing scripts from the author or obtain trusted implementations.
If you plan to install or use this skill, prefer manual review and conservative git credential practices (credential helpers, SSH deploy keys, limited-scope tokens), and run the scripts in a controlled environment first.

Review Dimensions

Purpose & Capability
ok
The name and description (Obsidian PARA workflow, daily notes, git sync, hand-drawn diagrams) align with the included assets: templates, PARA docs, and two utility scripts (create_daily_note.sh, quick_sync.sh). Nothing in the manifest requests unrelated credentials or system access.
Instruction Scope
concern
SKILL.md instructs the use of several tools and scripts that are not present in the package (scripts/obsidian_audit.py, start-canvas.sh, export-canvas.sh, save-to-file.sh). It also shows cloning with an inline OAuth token in the repository URL and recommends cron auto-sync and a blanket git add/commit/push workflow; followed as written, these instructions store the token in the repository's git config and can commit sensitive files by accident. Of the two included scripts, quick_sync.sh adds, commits and pushes everything in the vault without filtering, which may be undesirable.
Install Mechanism
ok
Instruction-only skill with no install spec and only two small shell scripts; no downloads or extract operations. Low install surface.
Credentials
note
No required environment variables or credentials are declared. The scripts honor an optional OBSIDIAN_VAULT environment variable, which is reasonable. However, SKILL.md advises pasting an OAuth token into the clone URL (https://oauth2:YOUR_TOKEN@host/...), which writes the token into .git/config where it can leak, and quick_sync.sh pushes whatever is present in the vault, potentially including sensitive files. Few credentials are requested explicitly, but the suggested workflows are risky if followed without safeguards.
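The two git hazards called out in the Guidance and Credentials sections (a token embedded in the remote URL, and a blanket 'git add .' that stages whatever is in the vault) can be gated mechanically. The script below is an added example written for this review, not code shipped with the skill: a hardened stand-in for quick_sync.sh that refuses an 'origin' URL carrying userinfo credentials, refuses to run without a .gitignore, and screens every path that 'git add' would stage against a path denylist and a set of token patterns before committing. The denylist, the token regexes, the sample vault and all function names are this example's own assumptions, not the skill's.

```bash
#!/usr/bin/env bash
# Hardened stand-in for the reviewed quick_sync.sh (added example, not the skill's
# own script). Assumes the vault root is $OBSIDIAN_VAULT, is a git repository, and
# pushes to the remote named 'origin'. Everything below that looks like policy
# (path denylist, token patterns) is an assumption to adapt to your environment.
set -u

# A clone URL of the form https://oauth2:TOKEN@host/... is stored verbatim in
# .git/config. Flag any http(s) URL carrying userinfo, and any scheme whose
# userinfo contains a password (user:secret@). Plain SSH users (git@host) pass.
url_has_embedded_credentials() {
  printf '%s\n' "$1" | grep -Eq '^(https?://[^/@]+@|[a-z+]+://[^/@]*:[^/@]*@)'
}

# Repo-relative paths that should never leave an Obsidian vault. Plugin data.json
# files frequently hold API keys; workspace*.json is per-machine UI state.
is_sensitive_path() {
  case "$1" in
    .env|*/.env|.env.*|*/.env.*)                              return 0 ;;
    *.pem|*.key|*.p12|*.pfx|*.credentials|*.token)            return 0 ;;
    id_rsa|*/id_rsa|id_ed25519|*/id_ed25519)                  return 0 ;;
    .obsidian/plugins/*/data.json)                            return 0 ;;
    .obsidian/workspace.json|.obsidian/workspace-mobile.json) return 0 ;;
  esac
  return 1
}

# Token shapes worth blocking on sight (constructed list: GitHub PAT, GitLab PAT,
# AWS access key id, PEM private key header, Slack token). Extend per provider.
SECRET_PATTERN='(ghp_[A-Za-z0-9]{36}|glpat-[A-Za-z0-9_-]{20,}|AKIA[0-9A-Z]{16}|-----BEGIN (RSA |EC |OPENSSH )?PRIVATE KEY-----|xox[bp]-[A-Za-z0-9-]+)'
file_contains_secret() {
  grep -Eq "$SECRET_PATTERN" "$1"
}

# Screen repo-relative paths read from stdin, one per line, resolving content
# checks against the root given as $1. Prints each offender with a reason and
# returns 1 if any was found, 0 otherwise.
screen_paths() {
  local root=$1 rc=0 p
  while IFS= read -r p; do
    [ -n "$p" ] || continue
    if is_sensitive_path "$p"; then
      printf 'blocked (sensitive path): %s\n' "$p"; rc=1
    elif [ -f "$root/$p" ] && file_contains_secret "$root/$p"; then
      printf 'blocked (secret-like content): %s\n' "$p"; rc=1
    fi
  done
  return "$rc"
}

# The sync itself: the same add/commit/push as quick_sync.sh, but gated.
safe_sync() {
  local vault=${OBSIDIAN_VAULT:?set OBSIDIAN_VAULT to the vault path} remote
  cd "$vault" || return 1
  remote=$(git remote get-url origin) || return 1
  if url_has_embedded_credentials "$remote"; then
    echo "refusing: origin URL embeds credentials; use a credential helper or SSH key" >&2
    return 1
  fi
  [ -f .gitignore ] || { echo "refusing: no .gitignore in vault" >&2; return 1; }
  # Exactly the set 'git add .' would pick up: untracked-but-not-ignored plus modified.
  { git ls-files --others --exclude-standard; git diff --name-only; } | sort -u \
    | screen_paths "$PWD" || { echo "refusing: fix or ignore the files above" >&2; return 1; }
  git add -A
  if git diff --cached --quiet; then echo "nothing to sync"; return 0; fi
  git commit -qm "vault sync $(date -u +%Y-%m-%dT%H:%M:%SZ)" && git push -q origin HEAD
}

# Self-check on a constructed sample vault: no git, no network. One clean daily
# note, one note with a pasted GitHub-style token, one plugin data.json.
make_sample_vault() {
  local d
  d=$(mktemp -d)
  mkdir -p "$d/.obsidian/plugins/sync" "$d/2-Areas"
  printf '# Daily note\nMet with team.\n' > "$d/2-Areas/2026-04-21.md"
  printf 'token = ghp_0123456789abcdefghijklmnopqrstuvwxyz\n' > "$d/2-Areas/api-notes.md"
  printf '{"apiKey":"x"}\n' > "$d/.obsidian/plugins/sync/data.json"
  printf '%s\n' "$d"
}

# Number of files screen_paths blocks in the sample vault (expected: 2).
sample_offender_count() {
  local d
  d=$(make_sample_vault)
  (cd "$d" && find . -type f | sed 's|^\./||' | screen_paths "$d") | grep -c '^blocked'
  rm -rf "$d"
}

if [ "${SAFE_SYNC_RUN:-0}" = 1 ]; then
  safe_sync
else
  printf 'self-check: %s offender(s) found in the sample vault\n' "$(sample_offender_count)"
fi
```

Run it as SAFE_SYNC_RUN=1 OBSIDIAN_VAULT=/path/to/vault ./safe_sync.sh in place of quick_sync.sh; without SAFE_SYNC_RUN it only defines the functions and runs the offline self-check, so the same file can be sourced from a pre-commit hook to reuse screen_paths. The remote check is deliberately stricter than "contains oauth2:" so that any password-style userinfo is caught, while an SSH username alone (git@host) is allowed through.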
Persistence & Privilege
ok
The skill does not request always:true, does not modify other skills, and has no install-time persistence. quick_sync.sh and the cron examples can cause ongoing repository changes if the user enables them, but that is a local action initiated by the user.