← 返回 Skills 市场
351
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install obsidian-official-cli-headless
功能描述
Install and adapt the official Obsidian CLI for headless Linux servers by using a non-root user, Xvfb virtual display, ACL-based vault access, and an obs wra...
安全使用建议
This skill appears to do what it says: adapt the official Obsidian desktop package for headless servers. Before installing, be aware it must be run as root and will: install system packages, download and install a .deb from GitHub releases, create a system user 'obsidian', write a wrapper to /usr/local/bin, and modify ACLs (possibly granting traversal on /root). Recommended steps:
- Review the three scripts line-by-line (you were provided them) and confirm paths, usernames, and the DEB_URL before running.
- Run first in an isolated VM or test host, not on production, to validate behavior.
- If your vault is under /root, understand the ACL change: it will allow the obsidian user to traverse /root and read/write the vault. Consider moving the vault to a non-root path if that is a concern.
- Note optional env vars (OBSIDIAN_VERSION, OBSIDIAN_USER, WRAPPER_PATH, OBS_CMD) can alter behavior — set them intentionally or leave defaults.
- If you need stricter assurance, build the .deb from a pinned checksum or manually verify the downloaded release before apt installing.
功能分析
Type: OpenClaw Skill
Name: obsidian-official-cli-headless
Version: 1.0.0
The skill bundle performs high-risk system modifications, including running scripts as root, downloading an external binary from GitHub (obsidian-releases), and modifying permissions on the '/root' directory using ACLs to allow a non-root user traversal access. Additionally, the wrapper script creation in 'scripts/configure_official_cli.sh' is vulnerable to command injection because the 'VAULT_PATH' variable is placed directly into a shell command string within a heredoc without sufficient sanitization, allowing potentially malicious vault paths to execute arbitrary commands when the wrapper is invoked.
能力评估
Purpose & Capability
The scripts implement exactly what the name/description promise: install the official Obsidian .deb, create a dedicated non-root user, provide an Xvfb-based wrapper, configure the official CLI JSON, and set ACLs for a vault (including vaults under /root). The workflow and required system changes are proportionate to the stated goal. Minor metadata omission: the package/script runtime expects utilities like apt-get, curl, setfacl, xvfb-run and realpath even though the registry metadata lists no required binaries.
Instruction Scope
SKILL.md and the scripts stay within the described scope: they instruct an admin to run the provided install/configure/verify scripts as root to enable a headless adaptation. The scripts read/write system paths (/usr/local/bin, /home/obsidian, /root) and write the wrapper and config files as intended. Note: the wrapper and configure scripts embed configured paths/usernames into a su -c command; these values are set at install time (root) but should be chosen carefully to avoid accidental injection-like issues.
Install Mechanism
Install uses apt-get to install dependencies and downloads the Obsidian .deb from the official GitHub releases URL (github.com/obsidianmd/obsidian-releases), then installs the .deb. This is an expected, traceable mechanism for installing the official desktop package on Debian-like systems; it requires root and will install system packages.
Credentials
The skill does not request secrets or service credentials (no AWS/third-party tokens). Scripts accept optional environment variables (OBSIDIAN_VERSION, OBSIDIAN_USER, WRAPPER_PATH, OBS_CMD) to customize behavior, but these env-vars are not declared in registry metadata — this is reasonable but should be documented for operators because changing them can alter install targets and runtime binaries.
Persistence & Privilege
The skill does not request 'always:true' or autonomous elevation, but it requires root to run and will create a system user, write a wrapper to /usr/local/bin, set ACLs (including traversal on /root), and install packages. Those are necessary for the stated goal but are high-privilege operations; the skill will persist on the system until removed.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install obsidian-official-cli-headless - 安装完成后,直接呼叫该 Skill 的名称或使用
/obsidian-official-cli-headless触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of obsidian-official-cli-headless skill.
- Enables installation and adaptation of the official Obsidian CLI for headless Linux servers using non-root user, Xvfb, ACLs, and a command wrapper.
- Focuses on vault access, basic CLI enablement, verification of key commands, and minimal permissions.
- Provides scripts and guidance for setup, configuration, verification, and reporting in headless environments.
- Excludes plugin, sync, and GUI-related features unless explicitly requested.
元数据
常见问题
Obsidian Official CLI Headless 是什么?
Install and adapt the official Obsidian CLI for headless Linux servers by using a non-root user, Xvfb virtual display, ACL-based vault access, and an obs wra... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 351 次。
如何安装 Obsidian Official CLI Headless?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install obsidian-official-cli-headless」即可一键安装,无需额外配置。
Obsidian Official CLI Headless 是免费的吗?
是的,Obsidian Official CLI Headless 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Obsidian Official CLI Headless 支持哪些平台?
Obsidian Official CLI Headless 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Obsidian Official CLI Headless?
由 DarinRowe(@darinrowe)开发并维护,当前版本 v1.0.0。
推荐 Skills