Back to skill

Security audit

Obsidian Tasks

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Obsidian task-board helper that writes task Markdown files in a user-chosen vault and shows no evidence of hidden or unrelated behavior.

Install only if you are comfortable allowing the agent to create and edit task Markdown files inside the Obsidian vault and folder you choose. Confirm the vault path before setup, and use backups or version control if the vault contains important notes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (8)

Lp3

Medium
Category
MCP Least Privilege
Confidence
70% confidence
Finding
Without declared permissions the skill's intent is opaque and cannot be validated.

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
This is a mismatch because the description significantly overstates the skill's functionality and the code also contains an undeclared publishing capability. The Python setup script only scaffolds Board.md and Dashboard.md files in an Obsidian vault; it does not create per-task notes, manage task metadata/frontmatter, synchronize board columns with note status, or implement workflows for moving cards and linking research. Additionally, the shell script publishes the package to ClawHub, which is not mentioned in the declared purpose and involves access to external services inconsistent with the user-facing description.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
This markdown file describes running `python3 scripts/setup.py /path/to/vault --folder Tasks` and says the agent can 'set up a task board', which implies writing files into the user's vault. There is no explicit warning that the operation will create or modify markdown files and board/dashboard content in the specified vault path, which could affect user data.

Possible Typosquatting: 'SORT' resembles popular package 'isort'

High
Category
Supply Chain
Confidence
70% confidence
Finding
SORT

Possible Typosquatting: 'SORT' resembles popular package 'isort'

High
Category
Supply Chain
Confidence
70% confidence
Finding
SORT

Possible Typosquatting: 'SORT' resembles popular package 'isort'

High
Category
Supply Chain
Confidence
70% confidence
Finding
SORT

Possible Typosquatting: 'SORT' resembles popular package 'isort'

High
Category
Supply Chain
Confidence
70% confidence
Finding
SORT

Possible Typosquatting: 'SORT' resembles popular package 'isort'

High
Category
Supply Chain
Confidence
70% confidence
Finding
SORT

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.