Connect to Obsidian vaults to read, search, and precisely edit notes.
This Obsidian MCP tool is listed in an official registry, open source, and has moderate community adoption, which supports a relatively trustworthy supply-chain profile. The main concerns are standard tool capabilities: it requires Obsidian API-related configuration, can execute local code, and can read/write note data as configured; no clear high-risk red flags are evident in the provided materials.
The materials show it requires OBSIDIAN_API_KEY plus multiple connection and behavior configuration variables. The API key is sensitive and could be abused to access the associated Obsidian service if leaked; however, the requested credential appears aligned with the stated functionality, with no obvious overreach.
The system check shows no declared fixed remote host, but the presence of OBSIDIAN_BASE_URL and OBSIDIAN_OMNISEARCH_URL indicates it can send requests to user-configured Obsidian/search endpoints. This egress is consistent with the tool’s purpose, and the provided materials do not show data being sent to unrelated or unknown third-party endpoints.
The system marks it as executes-code, and OBSIDIAN_ENABLE_COMMANDS suggests it may trigger local commands or related execution capabilities. For an MCP tool this is a standard capability that warrants caution, but the available materials do not show concrete red flags such as unrelated privilege use or a suspicious execution chain.
The description explicitly supports reading, writing, searching, and surgically editing notes, tags, and frontmatter, and includes scope controls such as OBSIDIAN_READ_PATHS, OBSIDIAN_WRITE_PATHS, and OBSIDIAN_READ_ONLY. The data-access surface is broad but consistent with the stated purpose, and exposure can be reduced through read-only mode and path restrictions; no clear evidence of over-privileged access is shown.
It comes from an official registry, the repository is open source and auditable, it has about 590 stars, and it has been updated within the last year—these are strong positive supply-chain indicators. The missing license declaration slightly reduces transparency, but based on the available facts it does not justify a high-risk rating.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "io.github.cyanheads/obsidian-mcp-server" MCP server from askskill: Run: claude mcp add 'io-github-cyanheads-obsidian-mcp-server' -- node obsidian-mcp-server
Read, search, create, and edit Obsidian Markdown notes directly on disk.
Let AI search and edit local Obsidian Markdown notes directly.
Connect to and manage an Obsidian vault for searching, editing, and organizing notes.
Read, write, search, and manage Obsidian vault notes through MCP.
Securely let AI read, write, search, and scrape content for Obsidian notes.
Connect to Obsidian on macOS to search, edit, and automate notes.