Skill v1.0.0
ClawScan security
git-backed-obsidian-cli-workflows · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 2:24 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it wraps the Obsidian CLI for read/write workflows and runs a bundled git-backed sync script after writes; nothing in the bundle asks for unrelated credentials or downloads external code.
- Guidance: This skill appears to do what it claims, but review a few things before installing: 1) Confirm NOTES_VAULT_ROOT (default: /root/obsidian-vault) to avoid accidental writes to an unexpected repository. 2) Inspect scripts/backup.sh so you understand which git remote/branch will be used—git push will transmit your notes using whatever Git credentials are configured. 3) Ensure the official obs CLI is installed and usable in the target environment (the wrapper falls back to direct file writes if not). 4) Run the wrapper in a non-privileged account or test environment first to verify behavior and remotes. If you need the skill to request or document specific env vars/credentials, ask the author to declare them explicitly in the skill metadata.
Review Dimensions
- Purpose & Capability (ok): Name/description align with the included code and instructions. The Python wrapper and backup.sh implement conservative read/write workflows and a post-write git sync, which is coherent for a 'git-backed Obsidian CLI workflows' skill.
- Instruction Scope (note): SKILL.md directs use of the official obs CLI for queries and the bundled scripts for deterministic write+sync behavior. This is appropriate, but the post-write backup runs git operations (fetch, add, commit, pull, push) which will cause network activity to the repository's configured remote and may transmit changed notes. This behavior is expected for git-backed sync but is material and should be reviewed by the user.
- Install Mechanism (ok): No install spec or external downloads; the skill is delivered with local scripts (Python and shell). No archives or remote installers are invoked by the bundle itself.
- Credentials (note): The skill declares no required environment variables but the scripts read several optional ones (NOTES_VAULT_ROOT, NOTES_BACKUP_SCRIPT, NOTES_INBOX_NOTE, NOTES_OBS_CMD, NOTES_GIT_BRANCH). These are reasonable and proportional to the task, but the defaults (e.g., /root/obsidian-vault) should be checked to avoid accidental modification of unexpected paths. The skill does not request credentials explicitly but will use any existing Git credentials/config present in the environment to push to remotes.
- Persistence & Privilege (ok): always is false and the skill does not request elevated platform privileges or modify other skills. It writes only to the configured vault path and runs a local backup script; no persistent platform-level changes are made by the bundle itself.
