Skill v0.1.2

ClawScan security

Obsync · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 5, 2026, 4:51 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's stated purpose (an Obsidian sync CLI) matches what the instructions describe, but the runtime instructions reference environment variables and secret-handling behaviors that are not declared in the metadata and raise practical security/privacy concerns.
Guidance
This skill appears to be what it says (an Obsidian sync CLI) but has a few red flags you should address before installing:
1) Inspect the Homebrew formula (bpauli/tap/obsync) and the GitHub repo/release artifacts to confirm the binary's provenance; do not blindly trust a third-party tap.
2) The SKILL.md references environment variables (OBSYNC_KEYRING_BACKEND, OBSYNC_KEYRING_PASSWORD, OBSYNC_CONFIG) and login credentials, but the metadata does not declare them; treat any instruction to export passwords as risky. Prefer a secure OS keyring over exporting plaintext passwords or using file-backed keyrings on multi-user systems.
3) When installing the systemd user service, review the generated unit file and the locations and permissions of ~/.config/obsync and any on-disk keyring files, so that secrets are not group- or world-readable.
4) On shared or CI-hosted servers, avoid setting OBSYNC_KEYRING_PASSWORD in environment variables; consider a dedicated user account and strict filesystem permissions.
5) If you need higher assurance, build obsync from source yourself (Go 1.25+) or review the source code to confirm secret handling and network endpoints.
Finally, ask the skill author to update the metadata to declare the env vars and credential needs explicitly, so the behavior is transparent.
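Steps 2 to 4 above are checkable on the machine where the skill was installed. The script below is an added example, not code from obsync, ClawHub or the skill author. The paths it inspects come from the verdict text (~/.config/obsync/config.json and per-user units named obsync@<vault-id>.service); everything else is an assumption for illustration: that user units live in ~/.config/systemd/user, that a file-backed keyring sits under the config directory, that EnvironmentFile= paths are literal (no systemd specifiers), and that the config content and ExecStart path in the constructed fixture are placeholders.

```sh
#!/bin/sh
# Added example (not obsync's or ClawHub's code): audit the on-disk footprint
# the verdict flags. Paths from the verdict: ~/.config/obsync/config.json and
# obsync@<vault-id>.service. ASSUMPTIONS: units live in ~/.config/systemd/user,
# a file-backed keyring lives under the config dir, EnvironmentFile= paths are
# literal (no %h-style specifiers), and the fixture contents are placeholders.

# Octal permission bits, portable across GNU stat (Linux) and BSD stat (macOS).
perm_of() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Print one finding and bump the global counter used by obsync_audit.
finding() {
  printf 'FINDING: %s\n' "$1"
  findings=$((findings + 1))
}

# True when a mode has no group/other bits at all (700, 600, 0600, ...).
is_private() {
  case "$1" in *00) return 0 ;; *) return 1 ;; esac
}

# Audit an obsync install rooted at $1 (defaults to $HOME).
# Returns 0 when clean, 1 when at least one finding was printed.
obsync_audit() {
  base=${1:-$HOME}
  findings=0
  cfg_dir="$base/.config/obsync"
  unit_dir="$base/.config/systemd/user"

  # 1. The config dir, config.json and any keyring file must be user-private.
  for p in "$cfg_dir" "$cfg_dir"/*; do
    [ -e "$p" ] || continue
    m=$(perm_of "$p")
    is_private "$m" || finding "$p is mode $m (group/other accessible)"
  done

  # 2. Unit files must not embed the keyring password inline (it shows up in
  #    `systemctl --user show`), and any EnvironmentFile they load must be private.
  for u in "$unit_dir"/obsync*.service; do
    [ -e "$u" ] || continue
    if grep -q '^Environment=.*OBSYNC_KEYRING_PASSWORD=' "$u"; then
      finding "$u sets OBSYNC_KEYRING_PASSWORD inline"
    fi
    for ef in $(sed -n 's/^EnvironmentFile=-\{0,1\}//p' "$u"); do
      if [ -e "$ef" ]; then
        m=$(perm_of "$ef")
        is_private "$m" || finding "$ef (EnvironmentFile of $u) is mode $m"
      fi
    done
  done

  # 3. The calling shell should not export the password either: every child
  #    process inherits it and it is readable from /proc/<pid>/environ.
  if [ -n "${OBSYNC_KEYRING_PASSWORD+set}" ]; then
    finding "OBSYNC_KEYRING_PASSWORD is exported in this shell's environment"
  fi

  [ "$findings" -eq 0 ]
}

# CONSTRUCTED insecure layout under $1 for demonstration; placeholder values only.
obsync_make_bad_fixture() {
  d=$1
  mkdir -p "$d/.config/obsync" "$d/.config/systemd/user"
  chmod 755 "$d/.config/obsync"
  printf '{"vaults":{"vault-1":{"email":"user@example.com"}}}\n' \
    > "$d/.config/obsync/config.json"
  chmod 644 "$d/.config/obsync/config.json"
  cat > "$d/.config/systemd/user/obsync@vault-1.service" <<'EOF'
[Service]
Environment=OBSYNC_KEYRING_BACKEND=file
Environment=OBSYNC_KEYRING_PASSWORD=placeholder-not-a-real-secret
ExecStart=/usr/local/bin/obsync watch vault-1
EOF
}

# Apply the fixes the guidance recommends to that layout.
obsync_harden_fixture() {
  d=$1
  chmod 700 "$d/.config/obsync"
  chmod 600 "$d/.config/obsync/config.json"
  sed -i.bak '/OBSYNC_KEYRING_PASSWORD=/d' "$d/.config/systemd/user/obsync@vault-1.service"
  rm -f "$d/.config/systemd/user/obsync@vault-1.service.bak"
}

if [ "${1:-}" = "--demo" ]; then
  tmp=$(mktemp -d)
  obsync_make_bad_fixture "$tmp"
  obsync_audit "$tmp" || echo "-- insecure layout rejected; hardening --"
  obsync_harden_fixture "$tmp"
  obsync_audit "$tmp" && echo "-- hardened layout passes --"
  rm -rf "$tmp"
fi
```

Run it with `--demo` to see the constructed layout fail three checks and then pass, or source it and call `obsync_audit` with no argument to check a real home directory. It covers steps 2 to 4 only; step 1 (provenance) is a manual review of the tap, for which `brew cat bpauli/tap/obsync` prints the formula source so the `url` and `sha256` can be compared against the upstream GitHub release.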

Review Dimensions

Purpose & Capability
ok: Name, description, required binary (obsync), and install method (Homebrew formula bpauli/tap/obsync; source build option) are coherent with an Obsidian Sync CLI. Commands (login, pull/push/watch, install systemd service) align with a vault-syncing tool and require an Obsidian account/subscription as expected.
Instruction Scope
concern: SKILL.md instructs the agent and user to run obsync commands, configure a keyring backend, optionally export OBSYNC_KEYRING_PASSWORD, install and manage per-user systemd services, and write config to ~/.config/obsync/config.json. Those actions are within the tool's purpose, but the instructions reference environment variables (OBSYNC_KEYRING_BACKEND, OBSYNC_KEYRING_PASSWORD, OBSYNC_CONFIG) and file-based keyring usage that are not declared in the skill metadata and that could lead to secrets being stored in plaintext or on disk in an insecure way.
Install Mechanism
note: Install uses a Homebrew formula (bpauli/tap/obsync) and offers building from source (Go 1.25+). Homebrew is a reasonable low-risk install mechanism, but this is a third-party tap (not the official core tap), so users should inspect the tap/formula and upstream GitHub release artifacts before trusting the binary.
Credentials
concern: Metadata declares no required env vars or primary credential, yet the instructions explicitly reference several env vars (OBSYNC_KEYRING_BACKEND, OBSYNC_KEYRING_PASSWORD, OBSYNC_CONFIG) and expect login credentials (email/password, optional MFA). The omission in metadata is an inconsistency; additionally, suggesting exporting a plaintext OBSYNC_KEYRING_PASSWORD or using a file-based keyring on headless servers increases the risk of secret exposure and may be disproportionate without guidance on secure storage and access control.
Persistence & Privilege
note: The skill suggests installing per-user systemd service units (obsync@<vault-id>.service), enabling lingering for always-on sync, and storing config under ~/.config/obsync. This grants a persistent user-level daemon and on-disk config/secrets, which is expected for a sync agent but is a persistent footprint the user should review. The skill does not set always:true and does not request system-wide privileges in the metadata.