ClawHub

Obsidian Sync KB

v0.1.0

Build a searchable local knowledge base from an Obsidian vault's "笔记同步助手" inbox, then answer with citations, topic cards, update logs, and daily digests for...

0· 55·0 current·0 all-time
by@pangkaifeng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the implementation: scripts read an Obsidian vault inbox, normalize notes, chunk them, build an index, and produce research/topic cards and digests. Required permissions and resources declared (vault path or env var) are proportionate to the stated purpose.
Instruction Scope
SKILL.md only instructs running the included Python scripts and documents an explicit --disable-network option. The code will write files into the vault (Research/… directories) and into local artifacts/state directories — this is consistent with 'build topic cards and update logs' but users should be aware that the skill modifies the vault by creating research artifacts.
Install Mechanism
No install spec; this is instruction- and script-based (python). That is lowest install risk. The scripts are included in the bundle rather than downloaded from arbitrary URLs.
Credentials
No credentials or unrelated environment variables requested. The only optional env var referenced is OBSIDIAN_SYNC_KB_VAULT to set the vault root, which is appropriate.
Persistence & Privilege
always:false and no requests to alter other skills or system-wide agent config. The skill persists state and artifacts under its own directories and writes research files into user-specified vault paths — expected for its function.
Scan Findings in Context
[pre-scan-injection-signals] expected: Static scanner found no injection signals. The code uses urllib.request for optional external fetches which is expected for source enrichment.
Assessment
This skill appears to do what it says, but review and test before pointing it at sensitive notes. It will create files in your Obsidian vault (Research/… directories) and maintain local state/artifacts under the skill folder — back up your vault first. If you are concerned about data leakage, run build-index with --disable-network (or set enable_network to false in config) to avoid external fetches. Inspect scripts/kb_tool.py (network calls, where content is written, and any outbound requests) before use; the code is included so you can audit it. Note: the code contains minor bugs (e.g., a likely typo in normalize_whitespace) suggesting it may be lightly tested — run on a copy of your vault first and check logs/output for unexpected behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk972wd25ad32cydm9x8yzq2mad83p64w

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments