Skill v1.2.2

ClawScan security

Obsidian Wiki · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 18, 2026, 5:11 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, scripts, and runtime instructions are coherent with its stated purpose (building and maintaining a compiled LLM wiki in an Obsidian vault) and do not request unrelated credentials or system-wide privileges.
Guidance
What this skill will do: locate an Obsidian vault (via a user path or by reading local Obsidian config), read files under raw/, and create/update pages under wiki/ and machine state under .wiki-meta/ (manifest, graph.json, etc.). It may download webpages (web_fetch) or extract PDFs (pdftotext) during ingest and may run markdownlint via npx to auto-fix markdown.

Before installing or running it, consider:
1) Review the included scripts (they run locally and will modify files under the vault).
2) Run it first on a test or backed-up vault so you can inspect changes.
3) When the skill infers the vault from your Obsidian config, the SKILL.md says it will ask for confirmation before any writes; ensure you only approve writes to the intended vault.
4) Be aware that optional actions (npx install, web_fetch) pull network resources; if you want to avoid network activity, skip those optional steps or run in offline mode.

Overall the package appears internally consistent with its stated purpose; proceed if you trust the author and have a backup of your vault.

Review Dimensions

Purpose & Capability
ok: Name/description match the provided artifacts: the skill includes multiple scripts to ingest sources, generate index/graph, lint/fix wikilinks, and manage a manifest; these are exactly what's needed to implement an LLM-compiled wiki. Reading Obsidian config to locate the vault and using pdftotext/markdownlint for optional processing are justified by the documented workflows.
Instruction Scope
ok: SKILL.md and the scripts limit actions to vault-local operations (reading raw/, writing/maintaining wiki/, creating .wiki-meta/manifest.json, generating index/log). The runtime instructions explicitly prefer user-specified vault paths and require confirmation before write when the vault is inferred. The only wider-scope actions are optional: using web_fetch to download web pages for ingestion and running pdftotext/markdownlint, which are appropriate for ingest workflows.
Install Mechanism
note: This is instruction-only (no install spec). All needed code is included in the skill bundle. Optional tooling may be installed at runtime (e.g., markdownlint via npx, pdftotext via poppler). These are expected for the tasks but imply network package pulls when used (npx). No arbitrary external downloads or obscure install URLs are present in the bundle.
Credentials
ok: The skill declares no required environment variables or credentials. Scripts read user-local Obsidian config locations to infer vaults (justified by the purpose). It uses standard filesystem and temp files, and may use agent tools (web_fetch/pdf) to ingest external sources; no secrets or unrelated service tokens are requested.
Persistence & Privilege
ok: always:false and autonomous invocation are default. The skill writes only to the specified vault (creates/updates wiki/ and .wiki-meta within the vault) and proposes changes to _meta files (which the instructions say should be approved by the user). It does not modify other skills or system-wide agent settings.