Save to Obsidian
v1.1.0Saves markdown content to remote Obsidian vault via SSH
⭐ 1· 1.4k·18 current·19 all-time
byChunhua Liao@chunhualiao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to copy files to a remote Obsidian vault via SSH, which legitimately requires SSH/scp. However the registry metadata declares no required binaries or environment variables even though the script and SKILL.md clearly rely on scp/ssh and may read OBSIDIAN_HOST (or rely on TOOLS.md). The lack of declared runtime requirements is an incoherence.
Instruction Scope
SKILL.md instructs the agent to write a temp .md and run scp to a remote host and to use configuration from workspace TOOLS.md. That is within the stated purpose, but it implicitly requires the agent to access workspace configuration files (TOOLS.md) and to execute network operations. The SKILL.md does not make explicit how the agent obtains the host/user/key (it references TOOLS.md and an OBSIDIAN_HOST env var), creating ambiguity about where secrets/config live and whether the agent will read files outside the current conversation context.
Install Mechanism
There is no install spec (instruction-only) and the included script is small and readable. No downloads or archive extraction occur during install. This is the lower-risk pattern for skills that simply run local commands.
Credentials
The skill bundle and registry metadata declare no required env vars, but the script reads OBSIDIAN_HOST (and SKILL.md refers to SSH host/user/key and vault path configured in TOOLS.md). The skill will use the agent's SSH keys (or defaults) to authenticate via scp; that is expected, but the missing explicit declaration of these environment/config needs is disproportionate and could lead to unexpected behavior (e.g., sending files to an unintended host if TOOLS.md is misconfigured).
Persistence & Privilege
The skill does not request permanent inclusion (always:false) and does not modify other skills or system-wide configurations. It runs a one-shot script via exec when invoked. No elevated privileges are requested.
What to consider before installing
This skill appears to do what it says (create a temp markdown file and scp it to a remote Obsidian vault), but there are a few things to check before installing or using it:
- Ensure scp/ssh are available on the agent runtime (scp is required even though metadata doesn't list it). If absent, the skill will fail.
- Confirm where the SSH host/user/key are configured. The SKILL.md refers to a workspace TOOLS.md and the script reads OBSIDIAN_HOST; make sure TOOLS.md is present and contains the correct host and path, and that OBSIDIAN_HOST (if used) points to the intended machine.
- Understand that the script will copy whatever source file the agent passes to it. Verify the agent only sends intended content (avoid accidentally sending sensitive local files).
- Review and, if desired, edit the provided scripts to explicitly accept and validate a private-key path or require explicit confirmation before transfer. Consider adding explicit metadata entries (required binary: scp/ssh; required env: OBSIDIAN_HOST/OBSIDIAN_VAULT_PATH) so the runtime and users know what will be used.
- If you do not trust the remote host or the workspace configuration, do not enable the skill. Test in a safe environment first (e.g., a throwaway remote host or local SSH server) to confirm behavior.
Because the main issues are omissions/ambiguities in declared requirements and configuration (not evidence of malicious code), treat this as suspicious rather than malicious. If you can confirm/patch the missing declarations and validate the remote host and keys, the skill is reasonable for its stated purpose.Like a lobster shell, security has layers — review code before you run it.
latestvk9784jx8jb18rfsksvb8n2yrc581c1zm
License
MIT-0
Free to use, modify, and redistribute. No attribution required.