ClawHub

Save to Obsidian

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it saves markdown notes to a configured remote Obsidian vault over SSH.

Install only if you want OpenClaw to send selected markdown content to a remote Obsidian vault over SSH. Confirm the configured host, vault path, and SSH key are under your control, use a restricted SSH account if possible, and choose filenames carefully because matching names may overwrite existing notes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README explicitly instructs users to configure remote transfer of generated markdown content to an Obsidian vault over SSH, but it does not warn about the privacy, integrity, and overwrite risks of sending potentially sensitive notes to another machine. In an agent context, this matters because generated content may include confidential prompts, credentials, internal notes, or unintended output, and the lack of user-facing safeguards increases the chance of accidental exfiltration or destructive overwrites.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly states that duplicate filenames are overwritten silently, with no required confirmation or warning before replacing an existing note. This creates a real integrity risk because user data can be lost or altered unintentionally, especially when filenames are derived from prompts or reused across sessions.

Missing User Warnings

Low
Confidence
83% confidence
Finding
The skill description says it saves content to a remote Obsidian vault via SSH but does not clearly present this as a privacy-sensitive remote transmission to the user. While SSH encrypts the transfer, the security issue is insufficient disclosure: users may assume a local save and unknowingly send sensitive note contents to another machine.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger phrases "add this to my vault" and "put this in obsidian" are broad, natural-language commands that can easily overlap with ordinary user requests. In a skill that performs remote writes to an Obsidian vault via SSH, overly generic triggers increase the chance of accidental invocation and unintended exfiltration or persistence of model output to a remote system.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal