obsidian-rest-api

Audited by ClawScan on May 11, 2026.

Overview

This skill lets an agent control Obsidian through the Local REST API, but users should note that it stores an API key persistently and can modify vault contents.

Install/use this only if you are comfortable letting the agent access and modify your Obsidian vault through the Local REST API. Keep the API key private, restrict the REST API to trusted network paths, and confirm any write, delete, or command-execution request before allowing it.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone or any process that can read the saved TOOLS.md entry may be able to use the Obsidian REST API key to access the vault.

Why it was flagged

The skill uses a bearer API key for Obsidian and stores it persistently in a workspace file.

Skill content

Ask user for API Key ... Save to TOOLS.md: ... **API Key**: <user-provided-key>

Recommendation

Use a dedicated Obsidian API key if possible, protect the workspace file, avoid sharing TOOLS.md, and rotate the key if it may have been exposed.

What this means

A mistaken or over-broad request could change, append to, or delete notes, or trigger Obsidian commands.

Why it was flagged

The referenced API supports destructive note operations and Obsidian command execution, which are powerful but aligned with the skill's stated purpose.

Skill content

DELETE | `/vault/(unknown)` | Delete file ... POST | `/commands/{commandId}/` | Execute a command

Recommendation

Review target filenames and requested operations before allowing writes, deletes, or command execution; require explicit confirmation for destructive actions.

What this means

If the API is reachable from an untrusted network or the endpoint is misdirected, the vault API could be exposed to unwanted access attempts.

Why it was flagged

The setup can expose the authenticated Obsidian API beyond localhost, and its use of the `-k` flag disables TLS certificate verification to accommodate self-signed certificates.

Skill content

Enable "Bind to all interfaces" in plugin settings ... Allow port in Windows firewall ... Use `-k` flag

Recommendation

Bind only as broadly as needed, restrict the firewall rule to trusted hosts or networks, and verify the saved API URL before using the stored key.