Obsidian Official CLI Skill

Pass

Audited by ClawScan on May 10, 2026.

Overview

This instruction-only skill is a broad Obsidian CLI reference; it is coherent, but it can guide an agent to read or change vault data, plugins, and sync state.

This looks like a coherent Obsidian CLI command-reference skill, not malware. Before installing, verify the source, make sure you intend to let the agent work with your Obsidian vault, and require confirmation for permanent deletes, overwrites, plugin/theme changes, and sync or conflict-resolution actions.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or ambiguous request could lead to unwanted note deletion, overwrites, or plugin changes.

Why it was flagged

The skill documents commands that can overwrite notes, permanently delete files, and install or enable plugins. These are aligned with Obsidian management, but they are high-impact if run against the wrong vault or file.

Skill content

obsidian create name="Note" silent overwrite ... obsidian delete file=Note permanent ... obsidian plugin:install id=dataview enable

Recommendation

Confirm the target vault, file path, and intended action before running overwrite, permanent delete, plugin, theme, or sync commands.

What this means

Changes may apply to the currently open vault and may sync through the user's Obsidian account if Sync is enabled.

Why it was flagged

CLI commands operate through the user's live Obsidian application context, and the README also advertises Obsidian Sync operations. This is expected, but it uses the user's local app and account/session privileges.

Skill content

Obsidian must be running (CLI connects to the live Obsidian app for full feature access)

Recommendation

Use the skill only with the intended Obsidian vault and account, and review sync or account-affecting operations before execution.

What this means

Users have less registry-level information to verify who maintains the skill or where updates originate.

Why it was flagged

The package is instruction-only and has no runnable code to inspect, but the registry metadata does not provide a clear source or homepage for provenance.

Skill content

Source: unknown; Homepage: none

Recommendation

Verify the skill source and compare it with trusted Obsidian CLI documentation before relying on it for sensitive vault operations.

What this means

Private note content may be brought into the agent conversation, and note text should not automatically be treated as trusted instructions.

Why it was flagged

The skill can guide the agent to read and search vault contents, including all tasks. This is central to the purpose, but Obsidian vaults often contain private or instruction-like note content.

Skill content

obsidian read ... obsidian search query="meeting notes" ... obsidian tasks all

Recommendation

Use it only on vaults and notes you are comfortable exposing to the agent, and treat retrieved note content as data unless the user explicitly says otherwise.