obsidian-init
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the Obsidian desktop application from its official website and technical dependencies from standard registries, including the 'obsidian-cli' package from NPM and 'ruamel.yaml' from PyPI. These are routine operations for setting up specialized developer tools.
- [COMMAND_EXECUTION]: The skill utilizes shell commands to verify the environment and runs a Python initialization script ('scripts/init_vault.py'). This script creates the necessary '.obsidian' configuration directory and writes 'app.json' and '.gitignore' files to the local file system to manage vault behavior and prevent indexing of machine-generated files.
- [SAFE]: The skill operates within the expected scope of a project initialization tool. There is no evidence of data exfiltration, credential harvesting, or unauthorized persistence mechanisms. All actions are transparently documented and align with the stated goal of Obsidian vault integration.
Audit Metadata