obsidian

Warn

Audited by Socket on May 17, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The core note-management capabilities are coherent with the stated Obsidian purpose, and data flow appears local-only. The main issue is install trust: the skill points to an older community-maintained CLI from a separate publisher while presenting official Obsidian docs as the homepage, creating a notable provenance mismatch. This is not confirmed malware, but it is a medium security risk due to third-party binary trust and branding/source inconsistency.

Confidence: 88%Severity: 62%
Audit Metadata
Analyzed At
May 17, 2026, 05:35 PM
Package URL
pkg:socket/skills-sh/steipete%2Fclawdis%2Fobsidian%2F@367656f4d5e05be9721750620ad9425071ad6546
Security Audit — socket — obsidian