codex-github-obsidian

Warn

Audited by Socket on Jun 16, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS. The skill’s capabilities mostly match its stated GitHub-Obsidian integration purpose, but it expands trust to a non-official third-party MCP server and performs real write actions including git push. This is not confirmed malware, but the combined local vault access, GitHub auth usage, and unpinned third-party npm execution make it a medium-risk skill that should only run with explicit user approval.

Confidence: 100%
Severity: 60%

Audit Metadata

Analyzed At: Jun 16, 2026, 03:36 AM
Package URL: pkg:socket/skills-sh/mathruffian-dot%2Fcodex-lazy-packs%2Fcodex-github-obsidian%2F@e397f91595c331de3cefc4e4ecff9c381c96bb9a27e50927ba1d9127aeac6889