Scan Report
10 /100
obsidian-litiao
Work with Obsidian vaults (plain Markdown notes) and automate via obsidian-cli
This is a documentation-only skill that describes Obsidian vault management using obsidian-cli. No executable code, scripts, or malicious behavior detected.
Safe to install
This skill is safe to use. It only contains documentation for Obsidian CLI operations and does not execute any code or access sensitive resources.
Findings 1 items
| Severity | Finding | Location |
|---|---|---|
| Info | External URL reference Doc Mismatch | SKILL.md:4 |
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Aligned | SKILL.md describes reading Obsidian vault files and config |
| Shell | READ | READ | ✓ Aligned | SKILL.md documents obsidian-cli commands (search, create, move, delete) |
| Network | NONE | NONE | — | No network access required or used |
| Environment | NONE | NONE | — | No environment variable access documented |
| Skill Invoke | READ | READ | ✓ Aligned | Skill invokes obsidian-cli for vault operations |
1 findings
Medium External URL 外部 URL
https://help.obsidian.md SKILL.md:4 File Tree
2 files · 2.4 KB · 60 lines Markdown 1f · 55L
JSON 1f · 5L
├─
_meta.json
JSON
└─
SKILL.md
Markdown
Dependencies 1 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
obsidian-cli | latest | brew (yakitrak/yakitrak/obsidian-cli) | No | External CLI tool, declared in metadata.requires.bins |
Security Positives
✓ No executable scripts or code files in the package
✓ Skill is purely documentation for Obsidian vault operations
✓ Uses well-known obsidian-cli tool for vault management
✓ No credential harvesting or sensitive data access
✓ No network exfiltration or C2 communication
✓ No obfuscation or anti-analysis techniques
✓ Dependencies declared (obsidian-cli binary via brew)