Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Obsidian Litiao

v1.0.0

Work with Obsidian vaults (plain Markdown notes) and automate via obsidian-cli.

MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the declared requirement for obsidian-cli and the SKILL.md focuses on manipulating Obsidian vaults. However the instructions assume reading the user's Obsidian config at a macOS path (~/Library/Application Support/obsidian/obsidian.json) while the skill metadata declares no required config paths or OS restriction — an omission that should have been declared.
Instruction Scope
Runtime instructions explicitly tell the agent to read a per-user config file (the Obsidian 'obsidian.json' under Application Support) to discover vaults. That file contains user-specific state and the instructions rely on it, but the declared requirements omitted this. The SKILL.md does not direct any network exfiltration, but the undeclared local file access is scope creep relative to the metadata.
Install Mechanism
Install uses a brew formula (yakitrak/yakitrak/obsidian-cli) which is reasonable for a CLI tool, but it's a third-party tap rather than an official upstream/built-in formula. Installing from an unfamiliar third-party brew tap has more risk than a well-known tap; you should review the tap/formula source before installing.
Credentials
No environment variables or credentials are requested (appropriate for this purpose). However, the SKILL.md reads a user config file path not declared in the skill manifest; the manifest should have listed that config path as required so users know local files will be accessed.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent system privileges. Autonomous invocation (default) is allowed — this is normal platform behavior and not flagged by itself.
What to consider before installing
This skill appears to do what it claims (manage Obsidian vaults via obsidian-cli) but there are a few things to check before installing:
1) Confirm you are on macOS or that the obsidian-cli use-case fits your OS. SKILL.md reads a macOS-specific config path but no OS restriction is declared.
2) The brew formula comes from a third-party tap (yakitrak); inspect the tap/formula source to ensure you trust it before running brew install.
3) The skill will read your Obsidian config file (~/Library/Application Support/obsidian/obsidian.json) to find vaults. If you don't want a skill accessing that file or your vault paths, don't install.
4) Check the brew formula or the obsidian-cli project repository to verify what the CLI can do (it will be able to read and modify note files).
5) Note the minor metadata inconsistency: the _meta.json ownerId differs from the registry ownerId; consider verifying the publisher.
If you need higher assurance, ask the publisher for the obsidian-cli's canonical upstream link or a signed release to review.


latestvk972yemjmfc8276vkjrkf5n0j58338g4


Runtime requirements

💎 Clawdis
Bins: obsidian-cli

Install

Install obsidian-cli (brew)
Bins: obsidian-cli
brew install yakitrak/yakitrak/obsidian-cli
