Skill v1.0.0

ClawScan security

Obsidian Official CLI Headless · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 12:17 AM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's files and runtime instructions are coherent with its stated purpose (adapting the official Obsidian CLI for headless Debian/Ubuntu-like systems) but require root and will modify system state — review before running on production.
Guidance
This skill appears to do what it says: adapt the official Obsidian desktop package for headless servers. Before installing, be aware it must be run as root and will: install system packages, download and install a .deb from GitHub releases, create a system user 'obsidian', write a wrapper to /usr/local/bin, and modify ACLs (possibly granting traversal on /root).

Recommended steps:
- Review the three scripts line-by-line (you were provided them) and confirm paths, usernames, and the DEB_URL before running.
- Run first in an isolated VM or test host, not on production, to validate behavior.
- If your vault is under /root, understand the ACL change: it will allow the obsidian user to traverse /root and read/write the vault. Consider moving the vault to a non-root path if that is a concern.
- Note optional env vars (OBSIDIAN_VERSION, OBSIDIAN_USER, WRAPPER_PATH, OBS_CMD) can alter behavior — set them intentionally or leave defaults.
- If you need stricter assurance, build the .deb from a pinned checksum or manually verify the downloaded release before apt installing.

Review Dimensions

Purpose & Capability
ok: The scripts implement exactly what the name/description promise: install the official Obsidian .deb, create a dedicated non-root user, provide an Xvfb-based wrapper, configure the official CLI JSON, and set ACLs for a vault (including vaults under /root). The workflow and required system changes are proportionate to the stated goal. Minor metadata omission: the package/script runtime expects utilities like apt-get, curl, setfacl, xvfb-run and realpath even though the registry metadata lists no required binaries.
Instruction Scope
note: SKILL.md and the scripts stay within the described scope: they instruct an admin to run the provided install/configure/verify scripts as root to enable a headless adaptation. The scripts read/write system paths (/usr/local/bin, /home/obsidian, /root) and write the wrapper and config files as intended. Note: the wrapper and configure scripts embed configured paths/usernames into a su -c command; these values are set at install time (root) but should be chosen carefully to avoid accidental injection-like issues.
Install Mechanism
ok: Install uses apt-get to install dependencies and downloads the Obsidian .deb from the official GitHub releases URL (github.com/obsidianmd/obsidian-releases), then installs the .deb. This is an expected, traceable mechanism for installing the official desktop package on Debian-like systems; it requires root and will install system packages.
Credentials
note: The skill does not request secrets or service credentials (no AWS/third-party tokens). Scripts accept optional environment variables (OBSIDIAN_VERSION, OBSIDIAN_USER, WRAPPER_PATH, OBS_CMD) to customize behavior, but these env-vars are not declared in registry metadata — this is reasonable but should be documented for operators because changing them can alter install targets and runtime binaries.
Persistence & Privilege
note: The skill does not request 'always:true' or autonomous elevation, but it requires root to run and will create a system user, write a wrapper to /usr/local/bin, set ACLs (including traversal on /root), and install packages. Those are necessary for the stated goal but are high-privilege operations; the skill will persist on the system until removed.