Security evaluation report for @forgecat/kepano_obsidian-skills v0.1.1
Source Integrity
Safe
Profile is sourced from a legitimate, publicly documented GitHub repository (kepano/obsidian-skills) with clear attribution and MIT license.
Original source is verifiable and well-established in the Obsidian ecosystem; no supply-chain red flags detected.
Agent Intent
Safe
Content describes legitimate Obsidian file manipulation (markdown, canvas, bases) with no instructions to ignore system prompts, read credentials, or exfiltrate data.
Skill descriptions are purely functional documentation; no hidden directives to weaken security, install malicious dependencies, or perform unauthorized actions.
References to external tools (Defuddle CLI, Obsidian CLI) are standard, documented integrations with no guidance poisoning or backdoored templates.
Details
Evidence
Skills focus on file creation/editing workflows: 'Create and edit Obsidian vault files', 'Extract clean markdown content from web pages'
Developer commands (plugin:reload, dev:errors, dev:screenshot) are legitimate debugging utilities, not exfiltration or privilege escalation
No instructions to bypass Obsidian security, read ~/.ssh, ~/.aws, or transmit vault contents to external hosts
Permissions
Safe
Skills declare file_write and file_read authority scoped to Obsidian vault operations (markdown, canvas, bases files) — aligned with stated purpose.
CLI commands (obsidian create, append, search) operate within the vault context; no unrestricted shell, filesystem deletion, or system-level access requested.
Web fetch (defuddle) is limited to URL parsing for content extraction; no arbitrary network access or credential transmission.
Details
Evidence
obsidian-cli: 'read, create, search, and manage notes' — scoped to vault files and plugin development within Obsidian context
defuddle: 'Extract clean markdown content from web pages' — single-purpose URL parsing, not arbitrary command execution
No alwaysApply=true rules with globs='**' or high-risk categories (shell, file_delete) unrelated to Obsidian vault management
MCP Risk
Safe
No MCP servers are defined in the profile; all skills are self-contained markdown documentation and CLI wrappers.
External tool dependencies (Defuddle CLI, Obsidian CLI) are well-known, open-source projects with no hidden instructions or arbitrary binary execution.
Obsidian CLI is the official command-line interface for Obsidian; documented and scoped to vault operations.
Details
Evidence
Profile declares no MCP server definitions; skills reference only documented external CLIs
Defuddle: 'https://github.com/kepano/defuddle' — public repository, transparent source
Obsidian CLI: 'https://help.obsidian.md/cli' — official documentation, no hidden payloads
ForgeCat