Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

nubaby-obsidian

v1.0.2

Arthur-OS / OB (Obsidian) governance skill for deciding where notes, reports, project docs, server docs, OpenClaw docs, AIout outputs, Library references, Pr...

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for arthurlin1979/nubaby-obsidian.

Install the skill "nubaby-obsidian" (arthurlin1979/nubaby-obsidian) from ClawHub.
Skill page: https://clawhub.ai/arthurlin1979/nubaby-obsidian
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install nubaby-obsidian

ClawHub CLI

npx clawhub@latest install nubaby-obsidian

Security Scan

Capability signals: Requires OAuth token, Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

[!] Purpose & Capability
The skill claims to be an Arthur-OS / Obsidian governance helper and its docs and script match that purpose. However, the package metadata declares no required binaries or credentials while the SKILL.md and the helper script implicitly require 'obsidian-cli' (and the script's 'skill' mode uses 'rg' / ripgrep). That mismatch (declaring none but depending on them at runtime) is incoherent and will cause runtime failures or unexpected behavior if those tools are absent.
[!] Instruction Scope
The SKILL.md stays within Obsidian governance scope (where to put notes, how to search, rules for moving/editing), and repeatedly emphasizes read-only and safe boundaries. However the references include explicit network gateway hosts/ports and two hard-coded bearer tokens (gateway bearer and plugin/apiKey) in READONLY_GATEWAY_BOUNDARIES.md. Embedding real-looking tokens in the skill's files is a risky artifact: it's not necessary for the governance instructions and could be misused if they are valid. The instructions also reference reading obsidian.json and the vault filesystem which is appropriate for the purpose but means the agent/script will access local user files — expected, but worth highlighting.
Install Mechanism
No install spec is provided (instruction-only), which is low-risk. The only code file is a small shell script (ob_search.sh) that will be run locally. This is proportional to the skill's purpose. Still, because there is no install step, the skill assumes existing system tooling (obsidian-cli, ripgrep), and that assumption is not declared in the registry metadata.
[!] Credentials
The skill declares no required env vars or credentials, which is reasonable for a governance/help skill. However, the included reference file contains two explicit bearer tokens and guidance about token boundaries. Having these tokens in repository text is disproportionate and potentially dangerous: either they are sensitive secrets accidentally included, or they are placeholders (in which case they should be clearly marked as examples). Either scenario is concerning and should be resolved prior to use. No other unrelated credentials are requested.
Persistence & Privilege
The skill is not marked always:true, does not request persistent privileges, and does not include an install routine that modifies other skills or global agent settings. Autonomous invocation is allowed by default (normal), but nothing here grants elevated or persistent system-level privileges.
What to consider before installing
This skill is broadly coherent with an Obsidian/Arthur-OS governance role, but stop and check before installing or running it:
- Expect to need obsidian-cli (and likely ripgrep 'rg') available on the machine; the skill metadata failed to declare these dependencies. Install them or confirm availability first.
- The repository contains hard-coded bearer tokens in READONLY_GATEWAY_BOUNDARIES.md. Treat those as potential secrets — verify whether they are real, revoke them if they are, or remove/replace them with clearly labeled examples before using the skill.
- Review the scripts (scripts/ob_search.sh) before executing; it runs obsidian-cli and rg against your vault and will read local files. Running locally is expected for this skill, but validate the commands and paths.
- The skill emphasizes read-only behavior; keep to read/search actions unless you explicitly intend to perform edits and are sure of vault path and link-refactor implications.

If you want to proceed safely: request the skill author/source, ask them to (1) list required binaries in metadata (obsidian-cli, rg), (2) remove or redact any real tokens from files, and (3) confirm that any included tokens are only examples. If you cannot verify those, treat the skill as suspicious and avoid running its scripts or exposing your Obsidian vault to the described gateway endpoints.

Like a lobster shell, security has layers — review code before you run it.

latest vk97051rwqg6fwj31eynvs6v8z5850xh1
71 downloads
0 stars
2 versions
Updated 1w ago
v1.0.2
MIT-0

nubaby-obsidian

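Treat this skill as the governance entry point for Arthur-OS / OB. It answers three questions:

  1. Where this piece of content should go
  2. How to find it
  3. Once it is found, whether the next step is to read, edit, move, or start a new note

It is not a general Obsidian tutorial, nor is it an arbitrary multi-vault controller.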

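Remember these 8 rules first; they are enough

  1. OB = Obsidian
  2. Arthur-OS = the only canonical vault; Node Local OB vaults may exist, but mature content must flow back to Arthur-OS
  3. Do not guess the vault path; first run obsidian-cli print-default --path-only, and if that does not work, check obsidian.json
  4. Do not start by inventing new folders; map to the existing structure first
  5. Skills/ holds only self-made skill documents, and must be kept as a rebuild-grade mirror
  6. When querying OB across nodes / over the LAN, the read-only gateway is used only for querying, never for writing
  7. The rule for Arthur-OS root-directory notes is fixed: file name YYYY-MM-DD title.md, first line of the body 修改時間:YYYY-MM-DD HH:MM:SS (the literal label means "modified time")
  8. Main-thread conversations should be summary-forward; do not dump the full text of a note into the chat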

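Quick routing

Start with the ultra-short index: references/QUICK_INDEX.md

What kind of task are you doing right now?

  • Confirming the vault / physical path → references/VAULT_AND_PATHS.md
  • Deciding where content should go → references/ARTHUR_OS_STRUCTURE.md
  • Querying OB / searching notes / using the helper script → references/SEARCH_RULES.md
  • Handling the cross-node / LAN read-only gateway → references/READONLY_GATEWAY_BOUNDARIES.md
  • Found something, but unsure whether to read / edit / move / start a new note → references/POST_SEARCH_DECISION_RULES.md
  • Need to create / move / rename / delete / direct edit → references/OPERATIONS_RULES.md
  • Creating a note, adjusting naming, or confirming the opening format → references/WRITING_RULES.md
  • Deciding how content in the Skills/ area should be governed → references/SKILLS_RULES.md
  • Handling multi-vault / flow-back issues → references/MULTI_VAULT_ROUTING.md
  • Looking at old approaches and historical context → references/NETWORK_SEARCH_DESIGN_HISTORY.md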

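High-frequency hard rules

  • High-priority parent areas: Skills / Prompts / OldNotes / Server / OpenClaw / Projects / Library / AIout / root directory
  • Report routing: OpenClaw/Reports = OpenClaw system / operations / repair / incident / node governance; AIout/Reports = AI process / output / export / workflow results
  • By default, each topic converges to 1 main document + at most 1 formal report
  • For rename / move, prefer obsidian-cli move; do not reach for mv first
  • Arthur-OS / OB uses Backup/Trash/ dual-directory protection; backups and deletions both keep the .md extension
  • Cross-node / LAN Obsidian queries are allowed as read-only only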

Context hygiene

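  • When searching or reading notes, locate first, then do a targeted read; do not default to moving a long note's full text into the main thread
  • Long notes, long reports, and large excerpts should preferably stay in OB / report files
  • When returning to the main thread, by default bring back only: the conclusion, the note path, the necessary excerpts, and the next step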
