Delv
CommunityActive· 8d4.3by cyanheads

Obsidian

cyanheads Obsidian MCP. Read, write, search a vault via the Local REST API plugin. The default for Obsidian-first PKM agents.

View repo Homepage
C
Safety & Trust

Delv Safety Grade: C

Score 62/100 · assessed 2026-04-28

Maintainer55
Permissions60
Supply chain75
Transparency70
Incidents100

This community MCP server bridges Claude to Obsidian vaults via the Local REST API plugin. The maintainer (cyanheads) appears to be a solo developer with reasonable activity but limited track record. The server requires an API key and host URL, granting read/write access to your entire vault through localhost HTTP calls. Permissions are moderately scoped: it can read, create, modify and search notes, but only within the Obsidian API boundary rather than arbitrary filesystem access. Supply chain is acceptable via npm package distribution with standard install. Transparency is decent with open source code and documentation, though the project is relatively young. The main risk is that full vault read/write access means a compromised or buggy session could modify or delete significant personal knowledge. No known security incidents. Suitable for users comfortable with localhost API exposure and who trust the maintainer's code review.

Lethal Trifecta (prompt-injection exposure)

ONE OF THREE
Private dataYes
Reads secrets, credentials, private files
Untrusted inputNo
Ingests web pages, PRs, issues, emails
External commsNo
Can send data outbound

Vault is private. Read-only by default. The single most concentrated private-data sink in many setups.

Green flags

  • Distributed via npm with standard package management
  • Open source with visible code on GitHub
  • Scoped to Obsidian API rather than raw filesystem
  • Clear documentation of required env vars and setup
  • No known security incidents or malicious behaviour

Red flags

  • Solo maintainer with limited public track record
  • Full read/write access to entire Obsidian vault
  • Requires exposing Obsidian via localhost HTTP API
  • Relatively new project with less community vetting

Permissions requested

Outbound networkRead envRead filesWrite filesDelete files
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Install

npx -y @cyanheads/obsidian-mcp-server
Env vars needed: OBSIDIAN_API_KEYOBSIDIAN_HOST

Review

This MCP server connects Claude (or Cursor) to your Obsidian vault via the Local REST API plugin. It's the most direct way to let an LLM read, write, and search your personal knowledge base without copying notes into a chat window. I've used it to generate daily notes from conversations, search across tags when I can't remember where I filed something, and bulk-edit frontmatter when I reorganise my vault structure. The setup requires installing the Local REST API plugin in Obsidian first, then pointing this MCP server at it with an API key and host URL. Once connected, you can ask Claude to pull up notes by tag, append to a file, or create new pages with proper frontmatter. It's genuinely useful if you already live in Obsidian and want an agent that understands your vault's structure. The main quirk is the dependency chain: Obsidian must be running, the REST API plugin must be active, and you need to manage the API key yourself. If Obsidian crashes or the plugin stops, the MCP server just fails silently. I'd reach for this when building a second-brain agent that needs to reference past notes or when I want to dictate journal entries and have them land in the right daily note. It's less useful if you're not already committed to Obsidian or if you want something that works offline without a local server. The vault search is fast, but it's only as good as your tagging discipline. If your notes are a mess, the agent will surface a mess. For Obsidian-first users, this is the default choice. For everyone else, it's overkill.
Verdict

Install this if you already use Obsidian daily and want Claude to read and write your vault without manual copy-paste. Skip it if you're not committed to Obsidian or if the idea of running a local REST API server sounds like too many moving parts.

Good at

  • Direct vault access means you can ask Claude to search, read, or write notes without leaving the chat window.
  • Supports frontmatter editing, which is useful for bulk metadata updates or templating workflows.
  • Fast tag-based search if your vault is well-organised.
  • Works with daily notes and templating patterns common in Obsidian PKM setups.

Watch out

  • Requires Obsidian to be running and the Local REST API plugin to be active, adding a dependency chain.
  • Fails silently if the REST API server is down or misconfigured.
  • Only useful if you're already committed to Obsidian as your primary note-taking tool.
  • Manual API key management and host configuration can trip up first-time users.

Use cases

  • Building an LLM Wiki / Second Brain agent
  • Daily note generation from chat
  • Searching tags across a vault
  • Bulk-editing frontmatter

Getting started

1. Install the Local REST API plugin in Obsidian and enable it in settings. Generate an API key and note the host URL (usually http://127.0.0.1:27123). 2. Run `npx -y @cyanheads/obsidian-mcp-server` to confirm the package installs. 3. Add the server to your Claude Desktop config with `OBSIDIAN_API_KEY` and `OBSIDIAN_HOST` environment variables pointing to your local instance. 4. Restart Claude Desktop and ask it to list files in your vault to verify the connection. 5. Watch out: if Obsidian isn't running or the REST API plugin is disabled, the MCP server will fail without a helpful error message.

Works with

Claude DesktopCursor

Similar MCPs