Trust Assessment
obsidian received a trust score of 98/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 1 low severity. Key findings include Third-party Homebrew Tap for Dependency.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 18, 2026 (commit b62bd290). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| LOW | Third-party Homebrew Tap for Dependency The skill specifies installation of 'obsidian-cli' via a third-party Homebrew tap 'yakitrak/yakitrak'. While not explicitly unpinned or a known typosquat, relying on external, less-vetted repositories introduces a supply chain risk. The integrity of the 'yakitrak/yakitrak' tap and its 'obsidian-cli' formula is outside the direct control of the skill developer and could potentially be compromised. Consider using a more officially maintained or widely recognized Homebrew tap, or provide instructions for manual installation from a trusted source. If 'yakitrak/yakitrak/obsidian-cli' is the official or most reliable source, document its trustworthiness or provide a checksum for verification. | LLM | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/28e381ae60a406f1)
Powered by SkillShield