Obsidian MCP Server
Model Context Protocol server for Obsidian Vaults
Very Good Security
Security ScoreA
Vulnerabilities Found
Quality ScoreB
Maintenance54
Popularity87
Documentation89
Available Documentation
Compatibility73
Features
Supported Transports
Agentic MCP Risk Intelligence
MCPSafe checks risks unique to AI-connected MCP servers — prompt surfaces, model-controlled tools, credentials, filesystems, and network reachability.
The current scan did not find prompt-injection, agent command, exfiltration, unbounded filesystem, or MCP SSRF patterns.
Tool metadata can steer or hijack AI clients before a user invokes the tool.
Model-selected tool arguments can reach shell/process execution.
Tool context combines credential access with outbound network capability.
AI-controlled paths may access files outside the intended workspace.
AI-controlled URLs may reach local, metadata, or internal network services.
Vulnerabilities(1)
READMEObsidian MCP Server
MCP Obsidian
⚠️ PATH TRAVERSAL VULNERABILITY ⚠️
Issue
File read operations do not properly sanitize paths, allowing access to files outside the Obsidian vault.
Impact
An attacker could prompt the AI to read:
- SSH keys (
~/.ssh/id_rsa) - Environment files (
.env) - Browser credentials
- System configuration
CVSS: 7.5 (High)
Status
Patch available in v0.2.1, upgrade immediately.
Embed Security Badge
Add this badge to your README or documentation
[](https://mcpsafe.org/registry/mcp-obsidian-vuln)Server Information
- Source
- NPM
- Package
- mcp-obsidian
- Version
- 1.0.0
- Language
- typescript
- License
- MIT
- Transport
- STDIO
- Added
- Jan 20, 2026
- Updated
- Jul 13, 2026