| Version | Supported |
|---|---|
| 0.7.x | ✅ |
| < 0.7 | ❌ |
Please do not report security vulnerabilities through public GitHub issues.
Instead, report them via GitHub's private vulnerability reporting:
- Go to the Security tab
- Click "Report a vulnerability"
- Provide a detailed description
- Type of vulnerability (path traversal, injection, data leak, etc.)
- Step-by-step reproduction instructions
- Affected versions
- Potential impact
- Suggested fix (if any)
- Initial response: within 72 hours
- Status update: within 7 days
- Fix timeline: depends on severity, typically 30 days for critical issues
Given that this MCP server accesses personal data in Obsidian vaults, we consider the following as security vulnerabilities:
- Path traversal: accessing files outside the vault directory
- Arbitrary file access: reading/writing to system files, dotfiles, or
.obsidian/configuration - Command injection: executing arbitrary commands via tool parameters
- Data exfiltration: unintended data exposure to unauthorized parties
- Frontmatter corruption: malicious YAML that could exploit parsers
- Denial of service: crashes or resource exhaustion via malformed input
- Supply chain: compromised dependencies or build process
- Vulnerabilities in the MCP protocol itself (report to Anthropic)
- Vulnerabilities in Obsidian (report to Obsidian)
- Issues requiring physical access to the machine
- Social engineering attacks
- Vulnerabilities in dependencies with no realistic exploit path in this context
This project implements several security controls:
- Path filtering: blocks access to
.obsidian/,.git/,node_modules/, and system files - Path traversal prevention: validates all paths stay within vault boundaries
- Frontmatter validation: blocks functions, symbols, and potentially dangerous YAML constructs
- Confirmation for destructive ops: delete operations require explicit path confirmation
- Dependency security: automated updates via Dependabot, npm audit in CI
- Static analysis: CodeQL scans on every PR and weekly
- Provenance: npm packages published with SLSA provenance attestation
We thank the following researchers for responsibly disclosing vulnerabilities:
No vulnerabilities reported yet.