ClawHub

Obsidian

Work with Obsidian vaults (plain Markdown notes) and automate via obsidian-cli.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
207 · 53.5k · 1.6k current installs · 1.7k all-time installs
byPeter Steinberger@steipete
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes exactly the expected functionality (use obsidian-cli to operate on Obsidian vaults). However the skill registry metadata at the top of the package claims no required binaries or install steps, while the embedded SKILL.md metadata requires the 'obsidian-cli' binary and even provides a brew install. This mismatch between declared requirements and the runtime instructions is inconsistent and should be resolved.
!
Instruction Scope
Runtime instructions explicitly tell the agent to read the user's Obsidian config at '~/Library/Application Support/obsidian/obsidian.json' to discover vaults. That is a user-home file containing personal metadata about vault locations; reading it is outside a trivial 'note editing' scope and is not declared in the registry-level config. The instructions also assume Obsidian desktop and functioning URI handlers, and give commands that operate on user files (create/move/delete). The skill therefore directs file reads/changes in the user's home directory without those paths being declared.
Install Mechanism
There is no formal install spec in the registry listing, but the SKILL.md includes an install hint: a brew formula 'yakitrak/yakitrak/obsidian-cli'. Using Homebrew is common, but this references a third-party tap (yakitrak) rather than a canonical upstream package. That raises modest risk: the formula source is not an obviously well-known official release host.
!
Credentials
The registry lists no required environment variables or config paths, yet the instructions require reading a specific config file in the user's home directory to find vault paths. Accessing that personal config file is a credential/data-access decision and should be declared. No other credentials are requested, which is proportionate, but the undeclared file access is the main issue.
Persistence & Privilege
The skill does not request 'always: true' or other elevated persistent privileges. It is user-invocable and allows normal autonomous invocation, which is the platform default. Nothing in the package asks to modify other skills or system-wide agent settings.
What to consider before installing
This skill appears to be written to automate Obsidian via obsidian-cli, but it has some red flags you should consider before installing or granting it access: - The SKILL.md instructs the agent to read the user file '~/Library/Application Support/obsidian/obsidian.json' to discover vaults. That is a personal config file in your home folder — confirm you are comfortable letting the agent read it, or run the skill in a sandbox/test account or with a test vault. - The package metadata is inconsistent: the registry shows no required binaries or install steps, yet the SKILL.md requires 'obsidian-cli' and suggests installing it from a third-party Homebrew tap (yakitrak). If you plan to install that formula, verify the tap and formula source before trusting it. - The instructions assume macOS paths and an installed Obsidian desktop app; there is no OS restriction declared. If you are not on macOS, the config path will not exist and the behavior may be undefined. - Because the skill performs file operations (create/move/delete), double-check any commands it will run and consider limiting operations to a dedicated test vault until you confirm correct behavior. If you want this skill, ask the developer to: (1) make declared requirements and install metadata match the SKILL.md, (2) explicitly declare the config file path as a required config/data access, and (3) use an official obsidian-cli distribution source or document the brew tap provenance. If you are unsure, treat this as suspicious and avoid giving it access to your real vaults.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk971vje0zv6fg15kv9z4jy3s8x7yj61t

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

💎 Clawdis
Binsobsidian-cli

Install

Install obsidian-cli (brew)
Bins: obsidian-cli
brew install yakitrak/yakitrak/obsidian-cli

SKILL.md

Obsidian

Obsidian vault = a normal folder on disk.

Vault structure (typical)

  • Notes: *.md (plain text Markdown; edit with any editor)
  • Config: .obsidian/ (workspace + plugin settings; usually don’t touch from scripts)
  • Canvases: *.canvas (JSON)
  • Attachments: whatever folder you chose in Obsidian settings (images/PDFs/etc.)

Find the active vault(s)

Obsidian desktop tracks vaults here (source of truth):

  • ~/Library/Application Support/obsidian/obsidian.json

obsidian-cli resolves vaults from that file; vault name is typically the folder name (path suffix).

Fast “what vault is active / where are the notes?”

  • If you’ve already set a default: obsidian-cli print-default --path-only
  • Otherwise, read ~/Library/Application Support/obsidian/obsidian.json and use the vault entry with "open": true.

Notes

  • Multiple vaults common (iCloud vs ~/Documents, work/personal, etc.). Don’t guess; read config.
  • Avoid writing hardcoded vault paths into scripts; prefer reading the config or using print-default.

obsidian-cli quick start

Pick a default vault (once):

  • obsidian-cli set-default "<vault-folder-name>"
  • obsidian-cli print-default / obsidian-cli print-default --path-only

Search

  • obsidian-cli search "query" (note names)
  • obsidian-cli search-content "query" (inside notes; shows snippets + lines)

Create

  • obsidian-cli create "Folder/New note" --content "..." --open
  • Requires Obsidian URI handler (obsidian://…) working (Obsidian installed).
  • Avoid creating notes under “hidden” dot-folders (e.g. .something/...) via URI; Obsidian may refuse.

Move/rename (safe refactor)

  • obsidian-cli move "old/path/note" "new/path/note"
  • Updates [[wikilinks]] and common Markdown links across the vault (this is the main win vs mv).

Delete

  • obsidian-cli delete "path/note"

Prefer direct edits when appropriate: open the .md file and change it; Obsidian will pick it up.

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…