Obsidian Writer

Security checks across malware telemetry and agentic risk

Overview

This skill creates Obsidian notes, but it also tells the agent to automatically commit and push vault changes to Git without a review step.

Install only if you want an agent to write into your Obsidian vault and sync through Git. Before use, confirm the vault path and Git remote, keep the repository private if notes are sensitive, and explicitly require the agent to show changed files and wait for approval before any commit or push.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The skill’s stated purpose is writing Obsidian notes and canvas files, but it additionally performs automatic Git commit and push, which is a separate side effect with data transmission implications. This can exfiltrate vault contents to a remote repository without explicit per-action user confirmation, making the capability broader and riskier than advertised.

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding
Automatic Git push is not necessary to fulfill the core function of generating local Obsidian markdown and canvas files. Because it extends the skill from local content creation into remote publication/synchronization, it increases the chance of unintended disclosure of sensitive notes, attachments, or metadata stored in the vault.

Missing User Warnings

Medium
Confidence: 96%
Finding
The workflow describes automatic commit and push without warning the user that local vault content may be modified, committed into history, and transmitted to a remote destination. In an Obsidian vault context, notes often contain personal, financial, project, or proprietary information, so silent synchronization materially increases confidentiality risk.

VirusTotal

64/64 vendors flagged this skill as clean.