Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Sync Obsidian
v1.0.0
Turn every Claude Code session into a beautiful Obsidian note — automatically. Generates dual output: structured Markdown reports + interactive Canvas visual...
by Karden @chatrichai
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's claimed purpose (sync Claude Code sessions to an Obsidian vault) matches the actions described (detect project, create directories, write .md and .canvas files). However the SKILL.md claims 'Zero config' while simultaneously requiring the user to set OBSIDIAN_VAULT — and the registry metadata lists no required env vars. This mismatch (referencing an environment/path variable without declaring it) is an incoherence.
Instruction Scope
Runtime instructions tell the agent to run shell commands (git, basename, mkdir), read the latest .md from .claude/plans or extract from the current conversation context, and enumerate/report 'which files changed' and 'actual file paths' in reports. That scope requires unrestricted file-system read/write and access to conversation content; it can cause sensitive code, paths, or design details to be written into the vault. The SKILL.md also mandates 'preserve original plan content' and 'reports must be specific', which increases the chance of unintended data exfiltration.
Install Mechanism
Instruction-only skill with no install spec or downloaded code — lowest installation risk. There is no code to execute from remote sources.
Credentials
No credentials or env vars are declared in registry metadata, yet SKILL.md expects the user to set OBSIDIAN_VAULT and relies on filesystem and git context. The lack of an explicit required-env declaration is inconsistent and makes it unclear how the agent will be configured. The permission scope (Read/Write/Bash/Glob/Grep/Edit) is broad but necessary for writing files; nevertheless, the skill does not justify or limit which files it will read beyond .claude/plans and project detection, so it could access more data than a user expects.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent platform privileges. It does not modify other skills or system-wide settings according to the provided metadata.
What to consider before installing
Before installing, verify and change the following:
(1) Set OBSIDIAN_VAULT explicitly and confirm the path is local and trusted (the SKILL.md references this but the registry metadata does not declare it).
(2) Understand that the skill will read conversation content and repository context and will write full Markdown and Canvas files (including file paths, code snippets, and design rationale) into your vault — this can unintentionally leak secrets or sensitive design details.
(3) Test in an isolated repository or a disposable vault first.
(4) If you need stricter limits, ask the author to: declare OBSIDIAN_VAULT in requires.env, make the file read/write scope explicit or prompt before writing, and add a dry-run mode that shows what would be written without persisting files.
(5) If your Obsidian vault is synced to cloud services, assume anything written may be uploaded—review sync targets and consider using an offline vault for sensitive projects.
Like a lobster shell, security has layers — review code before you run it.
