Obsidian Official CLI Headless

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears purpose-aligned for installing Obsidian headlessly, but its root setup can grant overly broad file permissions and creates a shell wrapper using an insufficiently escaped vault path.

Only install this on a Debian/Ubuntu-like host where you are comfortable making root-level system changes. Use a simple, dedicated vault directory path, avoid broad paths such as /root or /home, and review or patch the wrapper quoting and ACL guardrails before relying on it.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the wrong path is provided, the dedicated obsidian account could gain write access to far more local data than intended.

Why it was flagged

The root-run configuration script grants the obsidian user recursive read/write/execute ACLs to any supplied vault path, without checking that the path is a narrow vault directory.

Skill content
VAULT_PATH="$(realpath -m "${1:-/root/obsidian-vault}")" ... setfacl -R -m u:${OBSIDIAN_USER}:rwx "$VAULT_PATH"
Recommendation

Add path guardrails and confirmation for protected or broad paths, reject /, /root, /home, and similar directories by default, and provide a clear rollback command for ACL changes.

What this means

A malformed or malicious vault path could make the installed obs wrapper execute unintended local commands.

Why it was flagged

The generated wrapper places the configured vault path directly inside a shell command. Paths containing spaces, quotes, semicolons, or other shell metacharacters can break the wrapper or cause extra commands to run as the obsidian user.

Skill content
exec su - ${OBSIDIAN_USER} -c "cd ${VAULT_PATH} && xvfb-run -a /usr/bin/obsidian --disable-gpu \${cmd[*]}"
Recommendation

Escape the vault path with a shell-safe quoting method before writing the wrapper, or avoid su -c shell strings by using a command-array approach such as runuser/sudo with an explicit working directory.
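Both recommendations above (path guardrails before the ACL grant, and a wrapper that never splices the vault path into an su -c string) carried through as an added example; this is not the skill's own install script. The function names, the deny list and the use of runuser in place of su are assumptions; OBSIDIAN_USER, VAULT_PATH and the xvfb-run command line are taken from the skill text quoted above.

```shell
#!/bin/sh
# Added example (not the skill's own code): the two guardrails this review asks for.
# 1) refuse broad vault paths before setfacl runs; 2) write the obs wrapper with the
# vault path as a quoted literal handed to sh via "$1", not spliced into an su -c string.
set -eu

# Quote an arbitrary string as one single-quoted shell word (each ' becomes '\'').
shell_quote() {
  printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Deny list for ACL grants (assumed starting list). The skill normalises with
# realpath -m first; this assumes an absolute, normalised path (trailing slash tolerated).
# Returns 0 for a path that looks like a narrow vault, 1 for a broad or system tree.
vault_path_allowed() {
  p="${1%/}"; [ -n "$p" ] || p=/
  case "$p" in
    /home/*/*) return 0 ;;                 # a directory inside a user's home
    /|/root|/home|/home/*) return 1 ;;     # the roots named in the review
    /etc|/etc/*|/usr|/usr/*|/var|/var/*|/boot|/boot/*) return 1 ;;  # system trees
    /*) return 0 ;;
    *) return 1 ;;                         # relative paths are rejected too
  esac
}

# Render the wrapper text. runuser (util-linux) replaces su -c, so the path is
# passed as an argument and the command line is never built from it.
render_wrapper() {
  printf '#!/bin/sh\nOBSIDIAN_USER=%s\nVAULT_PATH=%s\n' \
    "$(shell_quote "$1")" "$(shell_quote "$2")"
  # Quoted heredoc: "$1" and "$@" are expanded at run time, inside the wrapper.
  cat <<'EOF'
exec runuser -u "$OBSIDIAN_USER" -- sh -c 'cd "$1" && shift && exec xvfb-run -a /usr/bin/obsidian --disable-gpu "$@"' sh "$VAULT_PATH" "$@"
EOF
}

# Installer side: refuse before any ACL is granted, then write the wrapper.
# Usage: install_guarded obsidian /home/alice/vault /usr/local/bin/obs
install_guarded() {
  vault_path_allowed "$2" || { echo "refusing broad vault path: $2" >&2; return 1; }
  render_wrapper "$1" "$2" > "$3" && chmod 0755 "$3"
}
```

A path such as a constructed "/home/alice/my vault's; echo oops" round-trips through shell_quote unchanged and lands in the wrapper as data, so the semicolon never starts a second command.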

What this means

Installation depends on the integrity of the remote release download and TLS/GitHub availability.

Why it was flagged

The script downloads and installs a remote .deb package as root. The URL points to the official Obsidian GitHub release path and the default version is pinned, but no checksum or signature verification is shown.

Skill content
DEB_URL="https://github.com/obsidianmd/obsidian-releases/releases/download/v${VERSION}/obsidian_${VERSION}_amd64.deb" ... curl -LfsS "$DEB_URL" -o "$TMPDIR/obsidian.deb" ... apt-get install -y "$TMPDIR/obsidian.deb"
Recommendation

Publish expected checksums or signature verification steps, and make the supported Debian/Ubuntu requirement explicit in metadata.