obsidian-mcp-bridge
Verified Safeby papertray3
Overview
Provides a WebSocket bridge and an extensible tool registry for AI clients to access Obsidian vault APIs and integrated plugins (like Dataview) through the Model Context Protocol.
Installation
node dist/main.jsEnvironment Variables
- OBSIDIAN_MCP_KEY
- OBSIDIAN_HOST
- OBSIDIAN_PORT
- OBSIDIAN_USE_SSL
- LOG_LEVEL
Security Notes
The plugin allows user-defined JavaScript handler scripts loaded via `require()`. The documentation claims these scripts run in a 'restricted sandbox' that blocks file system access outside the vault, network requests, process spawning, and arbitrary module imports. The effectiveness of this sandboxing is critical for security, but its implementation details are not fully visible in the provided code snippets. The WebSocket server defaults to secure `127.0.0.1` (localhost) binding and requires an API key for authentication. Remote access is explicitly opt-in (`enableRemote` setting) and currently lacks SSL/TLS implementation, making remote connections over plain `ws` insecure. Users must trust the custom handler scripts they install and be aware of the implications of enabling remote access.
Similar Servers
mcp-obsidian
Provides a secure, universal AI bridge for Obsidian vaults, enabling MCP-compatible AI assistants to read, write, and manage notes.
mcp-obsidian
Enables LLMs (like Claude) to programmatically interact with an Obsidian vault through the Local REST API plugin.
obsidian-mcp-server
Provides an OpenAI-compatible local Model Context Protocol (MCP) server within Obsidian, enabling external AI assistants and tools to semantically search the vault and perform file system operations.
obsidian-mcp-server
Enables AI assistants to interact with and manage an Obsidian markdown vault via the Model Context Protocol (MCP).