obsidian-notebook-mcp
Verified Safeby jarmentor
Overview
AI-powered semantic search and note management for Obsidian vaults, integrated with LLMs via Model Context Protocol (MCP).
Installation
node mcp-server.jsEnvironment Variables
- QDRANT_URL
- OLLAMA_URL
- NOTEBOOK_PATH
- EMBED_MODEL
- MCP_SERVER
Security Notes
The system processes local files and interacts with local services (Qdrant, Ollama). File system operations (`read`, `write`, `append`, `create`) are confined to the `NOTEBOOK_PATH` and use `path.join` to prevent directory traversal. In Docker, the `ai-note-searcher` container's volume mount is `read-only`, enhancing security for indexing. However, when the `mcp-server.js` script is run locally (e.g., for Claude Desktop integration), it has write access to the configured `NOTEBOOK_PATH`. In such a setup, a malicious LLM prompt, if allowed to use file modification tools, could potentially alter or create files within the configured `NOTEBOOK_PATH`. This is a configuration-dependent risk rather than a code vulnerability, emphasizing the need for users to configure `NOTEBOOK_PATH` to a confined Obsidian vault.
Similar Servers
mcp-obsidian
Provides a secure, universal AI bridge for Obsidian vaults, enabling MCP-compatible AI assistants to read, write, and manage notes.
obsidian-mcp-plugin
This plugin connects your Obsidian vault to AI assistants through MCP (Model Context Protocol), enabling them to understand and navigate your notes as a connected knowledge graph.
mcp-obsidian
Enables LLMs (like Claude) to programmatically interact with an Obsidian vault through the Local REST API plugin.
obsidian-mcp-server
Provides an OpenAI-compatible local Model Context Protocol (MCP) server within Obsidian, enabling external AI assistants and tools to semantically search the vault and perform file system operations.