openotes
Verified Safeby opencore-x
Overview
Provides Claude (or other AI agents) with tools to read, search, write, and organize markdown notes in a local vault.
Installation
npm startEnvironment Variables
- PORT
- VAULT_PATH
- MAX_SEARCH_RESULTS
Security Notes
The server implements robust path validation in `src/core/paths.ts` to prevent directory traversal, absolute path access, and symlink escapes, sandboxing all file operations to the configured `VAULT_PATH`. Null bytes in paths are also explicitly rejected. No 'eval' or obvious malicious patterns were found. The README recommends Cloudflare Tunnel and Cloudflare Access for secure remote access, acknowledging the need for careful network exposure, which is an appropriate security recommendation rather than a vulnerability of the server itself. Local operation binds to 127.0.0.1 by default.
Similar Servers
mcp-obsidian
Provides a secure, universal AI bridge for Obsidian vaults, enabling MCP-compatible AI assistants to read, write, and manage notes.
obsidian-mcp-plugin
This plugin connects your Obsidian vault to AI assistants through MCP (Model Context Protocol), enabling them to understand and navigate your notes as a connected knowledge graph.
obsidian-mcp-server
Provides an OpenAI-compatible local Model Context Protocol (MCP) server within Obsidian, enabling external AI assistants and tools to semantically search the vault and perform file system operations.
obsidian-mcp-server
Enables AI assistants to interact with and manage an Obsidian markdown vault via the Model Context Protocol (MCP).