Is obsidian-web-mcp safe to install?

Security audit of jimprosser/obsidian-web-mcp · MCP Server by jimprosser · ★ 139

⚠ CAUTION Basic audit · rule-based scan · SlowMist 11 red-flag categories

Use with caution — obsidian-web-mcp triggered warning flags in AgentSkillsHub's security scan. It may be fine for personal trials, but review its credential handling and maintainer before brand or production use.

What it is: Secure remote MCP server for Obsidian vaults -- access your notes from Claude, your phone, or any MCP client, anywhere. OAuth 2.0 auth, Cloudflare Tunnel, atomic writes safe for Obsidian Sync.

Red flags detected (1)

Audit summary

Security grade⚠ CAUTION
Quality score75/100
GitHub stars139
LanguagePython
LicenseMIT
Last updated

Check before you install

Run a live scan → Full details & install 5-dimension deep audit

This is AgentSkillsHub's free basic audit: an automated rule-based scan covering SlowMist's 11 red-flag categories (credential exfiltration, obfuscated payloads, sandbox escape, prompt injection, and more) across 117,000+ open-source AI agent skills and MCP servers, refreshed every 8 hours. A CAUTION grade is a scan result, not a guarantee — deep 5-dimension audits (code · credentials · vendor · supply-chain · operational) are available for enterprise. Audited: 2026-07-03.