Work with Obsidian vaults (plain Markdown notes) and automate via obsidian-cli. The skill's instructions are plausible for automating Obsidian via obsidian-cli, but there are several inconsistencies and privacy-relevant
Security
High Risk
Quality
Good · 70
Install
ready
Audit version
audit-standard-v2
Source metrics come from upstream registries/repositories. Platform metrics come from user actions on SkillTrust and are protected by dedupe/rate-limit anti-abuse rules.
Work with Obsidian vaults (plain Markdown notes) and automate via obsidian-cli. The skill's instructions are plausible for automating Obsidian via obsidian-cli, but there are several inconsistencies and privacy-relevant actions (reading a user config file) that aren't declared or explained. This skill appears to be written to automate Obsidian via obsidian-cli, but it has some red flags you should consider before installing or granting it access: - The SKILL.md instructs the agent to read the user file '~/Library/Application Support/obsidian/obsidian.json' to discover vaults. That is a personal config file in your home folder — confirm you are comfortable letting the agent read it, or run the skill in a sandbox/test account or with a test vault. - The package metadata is inconsistent: the registry shows no required binaries or install steps, yet the SKILL.md requires 'obsidian-cli' and suggests installing it from a third-party Homebrew tap (yakitrak). If you plan to install that formula, verify the tap and formula source before trusting it. - The instructions assume macOS paths and an installed Obsidian desktop app; there is no OS restriction declared. If you are not on macOS, the config path will not exist and the behavior may be undefined. - Because the skill performs file operations (create/move/delete), double-check any commands it will run and consider limiting operations to a dedicated test vault until you confirm correct behavior. If you want this skill, ask the developer to: (1) make declared requirements and install metadata match the SKILL.md, (2) explicitly declare the config file path as a required config/data access, and (3) use an official obsidian-cli distribution source or document the brew tap provenance. If you are unsure, treat this as suspicious and avoid giving it access to your real vaults.
• Add explicit When to Use / Guidelines sections.
• Provide at least one concrete input-output example.
• Publish versioned changelog and update cadence.
• Document compatibility and breaking-change policy.
• Expand capability limits and boundary conditions.
Is this a security certification?
No. SkillTrust audit is advisory and should be combined with your own review controls.
Can I install directly from this page?
No one-click install is provided. Use command guidance and run in your controlled environment.
Imported from ClawHub public listing.
brew install yakitrak/yakitrak/obsidian-cliInstall method: script-backed (brew)
Quick install
Quick preflight
brew --versionwhich brewInstall paths
review skill metadata before installcheck required credentials in skill docsrequires local binaries: obsidian-clishell accessPreflight checks
Brew troubleshooting
Post-install signal
Installed successfully? Send an activation signal to improve ranking quality over time.
Audit score 70 / 100. Risk guidance is advisory only; review evidence before install.
• Add troubleshooting and FAQ for common failures.
• Improve discoverability through verified source channels.
• Publish usage examples to increase activation quality.
• Reduce shell/file/network scope and document least privilege.
• Expose explicit provenance, dependency pinning, and security notes.
• Provide structured install + rollback steps for each supported agent.
• Mark official/verified status and keep metadata timestamps fresh.
Moderately fresh; review release notes before install.
Audit guidance: 70 / 100 · high
Scores with similar values can still differ in confidence; use evidence and risk lines below for final install judgment.
Risk 70 · Δ +0 · Findings 4
Apr 3, 2026 · auto
Latest high risk result from audit-standard-v2.