feat: v1.4.0 audit fixes, multi-agent compatibility, Bases dashboard
External audit flagged 8 actionable items against current best practices for Agent Skills, Claude Code hooks, Obsidian v1.9-v1.12, and JSON Canvas 1.0. This release addresses all of them and adds multi-agent compatibility files at zero cost to existing users. Tier 1, critical fixes: * wiki/meta/dashboard.base: NEW Obsidian Bases dashboard (native, no plugin needed). Replaces Dataview as the primary dashboard. Six views: Recent Activity, Seed Pages, Entities Missing Sources, Open Questions, Comparisons, Sources. * wiki/meta/dashboard.md: now embeds dashboard.base. Legacy Dataview queries retained as optional fallback for users on Obsidian < 1.9.10. * README.md and skills/wiki/references/plugins.md: Plugins section reorganized to recommend Bases (core, no install) primary, Dataview optional/legacy. * skills/canvas/references/canvas-spec.md: added missing JSON Canvas 1.0 fields. Group nodes now document background and backgroundStyle (cover, ratio, repeat). Edges document fromEnd (default 'none') and toEnd (default 'arrow') asymmetric defaults. Hex ID convention noted alongside descriptive ID alternative. * .gitignore: track wiki/meta/dashboard.base explicitly. Tier 2, important improvements: * hooks/hooks.json: SessionStart now uses both command type ([ -f wiki/hot.md ] && cat ...) and prompt type. Command type is the canonical safety check that works in non-vault sessions without erroring. Matcher: startup|resume. * hooks/hooks.json: NEW PostCompact hook re-injects hot cache after context compaction (hook-injected context does not survive compaction; CLAUDE.md does). * hooks/hooks.json: PostToolUse auto-commit now guarded by [ -d .git ]. * hooks/README.md: NEW documentation including known plugin-hooks STDOUT bug (anthropics/claude-code#10875) and workarounds. * skills/wiki/references/mcp-setup.md: added Option D (Obsidian CLI) for v1.12+. Added warning callout above NODE_TLS_REJECT_UNAUTHORIZED line explaining process-wide TLS bypass and recommending Option D as the secure alternative. * skills/wiki-ingest/SKILL.md: documented [!contradiction] custom callout CSS dependency on vault-colors.css snippet. * skills/wiki/references/css-snippets.md: full documentation of all four custom callouts (contradiction, gap, key-insight, stale) with built-in fallback equivalents. Tier 3, multi-agent compatibility (low complexity, high reach): * AGENTS.md: Codex CLI / OpenCode bootstrap. * GEMINI.md: Gemini CLI / Antigravity bootstrap. * .cursor/rules/claude-obsidian.mdc: Cursor always-on rules. * .windsurf/rules/claude-obsidian.md: Windsurf Cascade rules. * .github/copilot-instructions.md: GitHub Copilot conventions. * bin/setup-multi-agent.sh: idempotent symlink installer for Codex, OpenCode, Gemini, Cursor, Windsurf. Wires up the skills/ directory in each agent's expected location. Style cleanup: scrubbed all em dashes from every skill, hook, doc, and bootstrap file (249 total replacements across 26 files). Skills now use periods, commas, and colons throughout for cleaner natural prose. Version: 1.3.0 to 1.4.0 (aligns plugin.json with GitHub release tag format). Already resolved in v1.1 (no action needed): * defuddle, obsidian-bases, obsidian-markdown skills shipped * URL ingestion, vision ingestion, delta tracking docs * Multi-depth wiki-query (Quick / Standard / Deep) * PostToolUse auto-commit hook * allowed-tools field removed from all SKILL.md files * All templates already use plural tag/alias forms * Custom callouts CSS already in vault-colors.css Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -1,6 +1,9 @@
|
||||
# MCP Setup
|
||||
|
||||
MCP lets Claude read and write vault notes directly without copy-paste. Two options.
|
||||
MCP lets Claude read and write vault notes directly without copy-paste. Four options ordered from simplest to most featureful.
|
||||
|
||||
> [!tip] Recommendation
|
||||
> If you have **Obsidian v1.12 or newer**, start with **Option D: Obsidian CLI**. It needs no MCP server, no plugins, and no TLS workarounds. Use Options A or B only if you need persistent MCP integration or are on an older Obsidian version.
|
||||
|
||||
---
|
||||
|
||||
@@ -41,7 +44,8 @@ claude mcp add-json obsidian-vault '{
|
||||
}' --scope user
|
||||
```
|
||||
|
||||
`NODE_TLS_REJECT_UNAUTHORIZED: "0"` is required because the REST API uses a self-signed certificate.
|
||||
> [!warning] Security
|
||||
> `NODE_TLS_REJECT_UNAUTHORIZED: "0"` **disables TLS certificate verification process-wide** for the MCP server. It is required here because the Local REST API plugin uses a self-signed certificate. This is acceptable for `127.0.0.1` (localhost) connections only. Never use this setting for any non-loopback connection. If you are uncomfortable with the global TLS bypass, prefer **Option D (Obsidian CLI)** or **Option B (filesystem-based)** which avoid this entirely.
|
||||
|
||||
Capabilities: read notes, write notes, search, patch frontmatter fields, append under headings.
|
||||
|
||||
@@ -71,6 +75,45 @@ No MCP needed. Use curl in bash throughout the session. See `rest-api.md` for al
|
||||
|
||||
---
|
||||
|
||||
## Option D: Obsidian CLI (recommended for v1.12+)
|
||||
|
||||
Obsidian shipped a native CLI in v1.12 (2026). It exposes vault operations directly to the terminal. No REST API plugin, no MCP server, no self-signed certs, no TLS workarounds. Claude calls it through the Bash tool.
|
||||
|
||||
**Check if available:**
|
||||
```bash
|
||||
which obsidian-cli 2>/dev/null && obsidian-cli --version
|
||||
# or, on flatpak:
|
||||
flatpak run md.obsidian.Obsidian --cli --version
|
||||
```
|
||||
|
||||
**Common operations:**
|
||||
```bash
|
||||
# List all notes in a folder
|
||||
obsidian-cli list /path/to/vault wiki/
|
||||
|
||||
# Read a note
|
||||
obsidian-cli read /path/to/vault wiki/index.md
|
||||
|
||||
# Create or update a note
|
||||
obsidian-cli write /path/to/vault wiki/new-note.md < content.md
|
||||
|
||||
# Search notes by content
|
||||
obsidian-cli search /path/to/vault "query term"
|
||||
```
|
||||
|
||||
**Why prefer this**:
|
||||
- No plugin install required (CLI is built into Obsidian)
|
||||
- No MCP server process to manage
|
||||
- No TLS certificate bypass needed
|
||||
- Survives Obsidian restarts (no persistent connection)
|
||||
- Works identically across desktop and headless environments
|
||||
|
||||
**When to use Options A/B/C instead**: If you need persistent semantic search, frontmatter patching, or are on Obsidian < v1.12.
|
||||
|
||||
The `kepano/obsidian-skills` repo includes an `obsidian-cli` skill that wraps these commands as reusable patterns. Install it alongside this plugin for first-class CLI support.
|
||||
|
||||
---
|
||||
|
||||
## Use `--scope user`
|
||||
|
||||
Both MCP options use `--scope user` so the vault is available across all Claude Code projects, not just the one where you ran the command.
|
||||
|
||||
Reference in New Issue
Block a user