pkm-mcp-server 1.5.2 → 1.6.0

package/CHANGELOG.md

@@ -6,6 +6,36 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 
 ## [Unreleased]
 
+## [1.6.0] - 2026-03-23
+
+### Security
+- **Fix command injection in capture-handler.sh** — replaced `eval` of Node.js output with safe per-variable stdout capture. Previously, crafted `title` or `content` values containing shell metacharacters (e.g., `$(...)`) could execute arbitrary commands.
+- `handleTrash` and `handleMove` now catch ENOENT errors and return relative paths instead of leaking absolute vault paths in error messages
+
+### Changed
+- Wikilink extraction in `handleLinks` and `handleSuggestLinks` now uses shared `extractWikilinks` from `graph.js` instead of duplicating the regex
+- Extracted `addToBasenameMap`/`removeFromBasenameMap` helpers in `handlers.js` (replaces 3 inline copies)
+- Named constant `SESSION_ID_DISPLAY_LEN` replaces magic number `8` for session ID truncation
+- `@modelcontextprotocol/sdk` version range tightened from `^1.0.0` to `^1.27.0` to reflect actual minimum tested version
+
+### Fixed
+- README hook configuration referenced deleted `stop-sweep.sh` (renamed to `stop-sweep.js` in v1.5.0)
+- `vault_peek` tool description no longer claims "line numbers" in heading outline (removed in v1.1.0)
+- CHANGELOG: added missing entries for v1.5.3, v1.5.2, v1.1.1; fixed all comparison links
+- CLAUDE.md and sample-project/CLAUDE.md: added missing `note.md` template to template lists
+- CONTRIBUTING.md: clarified that double quotes and semicolons are conventions, not lint-enforced
+- CI workflow: added `permissions: {}` for least privilege; added `npm audit --omit=dev` step
+
+## [1.5.3] - 2026-03-21
+
+### Fixed
+- Init wizard `patchMcpConfig()` now handles multi-line `MCP_CONFIG=` blocks correctly — previously only replaced the first line, leaving orphaned continuation lines
+
+## [1.5.2] - 2026-03-21
+
+### Fixed
+- Hook scripts now auto-detect repo vs installed location — `capture-handler.sh` no longer hardcodes `node $SCRIPT_DIR/../index.js`, falling back to `npx pkm-mcp-server@latest` when `index.js` is not present
+
 ## [1.5.1] - 2026-03-21
 
 ### Fixed
@@ -109,6 +139,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 ### Security
 - Resolved 7 transitive dependency vulnerabilities (hono, @hono/node-server, ajv, express-rate-limit, flatted, minimatch, qs)
 
+## [1.1.1] - 2026-02-24
+
+### Added
+- Enum validation for task `status` and `priority` fields in `vault_write` and `vault_update_frontmatter`
+
 ## [1.1.0] - 2026-02-23
 
 ### Changed
@@ -158,8 +193,21 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 - Atomic file creation in `vault_write` (`wx` flag) prevents race conditions
 - Error messages sanitized to prevent leaking absolute vault paths
 
-[Unreleased]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.2.1...HEAD
+[Unreleased]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.6.0...HEAD
+[1.6.0]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.5.3...v1.6.0
+[1.5.3]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.5.2...v1.5.3
+[1.5.2]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.5.1...v1.5.2
+[1.5.1]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.5.0...v1.5.1
+[1.5.0]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.4.2...v1.5.0
+[1.4.2]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.4.1...v1.4.2
+[1.4.1]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.4.0...v1.4.1
+[1.4.0]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.3.3...v1.4.0
+[1.3.3]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.3.2...v1.3.3
+[1.3.2]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.3.1...v1.3.2
+[1.3.1]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.3.0...v1.3.1
+[1.3.0]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.2.1...v1.3.0
 [1.2.1]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.2.0...v1.2.1
-[1.2.0]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.1.0...v1.2.0
+[1.2.0]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.1.1...v1.2.0
+[1.1.1]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.1.0...v1.1.1
 [1.1.0]: https://github.com/AdrianV101/Obsidian-MCP/compare/v1.0.0...v1.1.0
 [1.0.0]: https://github.com/AdrianV101/Obsidian-MCP/releases/tag/v1.0.0

package/README.md

@@ -190,7 +190,7 @@ Add to your `~/.claude/settings.json` (alongside the `mcpServers` block):
         "hooks": [
           {
             "type": "command",
-            "command": "VAULT_PATH=\"/path/to/your/vault\" /path/to/Obsidian-MCP/hooks/stop-sweep.sh",
+            "command": "VAULT_PATH=\"/path/to/your/vault\" node /path/to/Obsidian-MCP/hooks/stop-sweep.js",
             "async": true,
             "timeout": 10
           }
@@ -219,7 +219,7 @@ Replace `/path/to/your/vault` with your Obsidian vault path and `/path/to/Obsidi
 | Hook | Event | What it does |
 |------|-------|--------------|
 | `session-start.js` | SessionStart | Loads project context (index, devlog, active tasks) at session start |
-| `stop-sweep.sh` | Stop | Scans each exchange for PKM-worthy decisions/tasks, appends to daily captures |
+| `stop-sweep.js` | Stop | PKM librarian: creates structured, graph-linked vault notes from the latest exchange |
 | `capture-handler.sh` | PostToolUse | Creates structured vault notes when `vault_capture` is called |
 
 See [hooks/README.md](hooks/README.md) for architecture details and troubleshooting.

package/handlers.js

@@ -23,7 +23,7 @@ import {
   FORCE_HARD_CAP,
   CHUNK_SIZE,
 } from "./helpers.js";
-import { exploreNeighborhood, formatNeighborhood, findFilesLinkingTo, rewriteWikilinks } from "./graph.js";
+import { exploreNeighborhood, formatNeighborhood, findFilesLinkingTo, rewriteWikilinks, extractWikilinks } from "./graph.js";
 import { getAllMarkdownFiles, extractFrontmatter } from "./utils.js";
 
 /**
@@ -63,6 +63,26 @@ export async function createHandlers({ vaultPath, templateRegistry, semanticInde
     return resolvePath(resolvedFolder);
   };
 
+  const SESSION_ID_DISPLAY_LEN = 8;
+
+  function addToBasenameMap(relativePath) {
+    const bn = path.basename(relativePath, ".md").toLowerCase();
+    if (!basenameMap.has(bn)) basenameMap.set(bn, []);
+    basenameMap.get(bn).push(relativePath);
+    allFilesSet.add(relativePath);
+  }
+
+  function removeFromBasenameMap(relativePath) {
+    allFilesSet.delete(relativePath);
+    const bn = path.basename(relativePath, ".md").toLowerCase();
+    const entries = basenameMap.get(bn);
+    if (entries) {
+      const idx = entries.indexOf(relativePath);
+      if (idx !== -1) entries.splice(idx, 1);
+      if (entries.length === 0) basenameMap.delete(bn);
+    }
+  }
+
   async function handleRead(args) {
     const filePath = resolveFile(args.path);
     const content = await fs.readFile(filePath, "utf-8");
@@ -193,12 +213,7 @@ export async function createHandlers({ vaultPath, templateRegistry, semanticInde
     }
 
     // Update basename map with the new file
-    const newBasename = path.basename(outputPath, ".md").toLowerCase();
-    if (!basenameMap.has(newBasename)) {
-      basenameMap.set(newBasename, []);
-    }
-    basenameMap.get(newBasename).push(outputPath);
-    allFilesSet.add(outputPath);
+    addToBasenameMap(outputPath);
 
     const fm = validation.frontmatter;
     const createdStr = fm.created instanceof Date
@@ -403,11 +418,7 @@ export async function createHandlers({ vaultPath, templateRegistry, semanticInde
     const result = { outgoing: [], incoming: [] };
 
     if (args.direction !== "incoming") {
-      const linkRegex = /\[\[([^\]|]+)(?:\|[^\]]+)?\]\]/g;
-      let match;
-      while ((match = linkRegex.exec(content)) !== null) {
-        result.outgoing.push(match[1]);
-      }
+      result.outgoing = extractWikilinks(content);
     }
 
     if (args.direction !== "outgoing") {
@@ -580,20 +591,20 @@ export async function createHandlers({ vaultPath, templateRegistry, semanticInde
 
       if (entries.length === 0) {
         return {
-          content: [{ type: "text", text: `No activity entries found. (current session: ${sessionId.slice(0, 8)})` }]
+          content: [{ type: "text", text: `No activity entries found. (current session: ${sessionId.slice(0, SESSION_ID_DISPLAY_LEN)})` }]
         };
       }
 
       const formatted = entries.map(e => {
         const ts = e.timestamp.replace("T", " ").slice(0, 19);
-        const sessionShort = e.session_id.slice(0, 8);
+        const sessionShort = e.session_id.slice(0, SESSION_ID_DISPLAY_LEN);
         return `[${ts}] [${sessionShort}] ${e.tool_name}\n${e.args_json}`;
       }).join("\n\n");
 
       return {
         content: [{
           type: "text",
-          text: `Activity log (${entries.length} entr${entries.length === 1 ? "y" : "ies"}, current session: ${sessionId.slice(0, 8)}):\n\n${formatted}`
+          text: `Activity log (${entries.length} entr${entries.length === 1 ? "y" : "ies"}, current session: ${sessionId.slice(0, SESSION_ID_DISPLAY_LEN)}):\n\n${formatted}`
         }]
       };
     }
@@ -651,13 +662,9 @@ export async function createHandlers({ vaultPath, templateRegistry, semanticInde
     }
     if (!body) throw new Error("No content to analyze");
 
-    const linkRegex = /\[\[([^\]|]+)(?:\|[^\]]+)?\]\]/g;
-    const linkedNames = new Set();
-    let match;
-    while ((match = linkRegex.exec(inputText)) !== null) {
-      const target = match[1];
-      linkedNames.add(path.basename(target, ".md").toLowerCase());
-    }
+    const linkedNames = new Set(
+      extractWikilinks(inputText).map(t => path.basename(t, ".md").toLowerCase())
+    );
 
     const excludeFiles = new Set();
     if (sourcePath) excludeFiles.add(sourcePath);
@@ -696,7 +703,12 @@ export async function createHandlers({ vaultPath, templateRegistry, semanticInde
     const filePath = resolvePath(resolvedRelative);
 
     // Verify file exists
-    await fs.access(filePath);
+    try {
+      await fs.access(filePath);
+    } catch (e) {
+      if (e.code === "ENOENT") throw new Error(`ENOENT: File not found: ${resolvedRelative}`, { cause: e });
+      throw e;
+    }
 
     // Find incoming links for warning output
     const allFilesList = Array.from(allFilesSet);
@@ -725,14 +737,7 @@ export async function createHandlers({ vaultPath, templateRegistry, semanticInde
     await fs.rename(filePath, trashAbsolute);
 
     // Update in-memory basename map
-    allFilesSet.delete(resolvedRelative);
-    const oldBasename = path.basename(resolvedRelative, ".md").toLowerCase();
-    const entries = basenameMap.get(oldBasename);
-    if (entries) {
-      const idx = entries.indexOf(resolvedRelative);
-      if (idx !== -1) entries.splice(idx, 1);
-      if (entries.length === 0) basenameMap.delete(oldBasename);
-    }
+    removeFromBasenameMap(resolvedRelative);
 
     // Build output
     let text = `Trashed ${resolvedRelative} → ${trashRelative}`;
@@ -754,7 +759,12 @@ export async function createHandlers({ vaultPath, templateRegistry, semanticInde
     const newAbsolute = resolvePath(newRelative);
 
     // Verify source exists
-    await fs.access(oldAbsolute);
+    try {
+      await fs.access(oldAbsolute);
+    } catch (e) {
+      if (e.code === "ENOENT") throw new Error(`ENOENT: File not found: ${oldRelative}`, { cause: e });
+      throw e;
+    }
 
     // Verify destination does NOT exist
     try {
@@ -775,23 +785,11 @@ export async function createHandlers({ vaultPath, templateRegistry, semanticInde
     await fs.rename(oldAbsolute, newAbsolute);
 
     // Update basename map: remove old, add new
-    allFilesSet.delete(oldRelative);
-    const oldBasename = path.basename(oldRelative, ".md").toLowerCase();
-    const oldEntries = basenameMap.get(oldBasename);
-    if (oldEntries) {
-      const idx = oldEntries.indexOf(oldRelative);
-      if (idx !== -1) oldEntries.splice(idx, 1);
-      if (oldEntries.length === 0) basenameMap.delete(oldBasename);
-    }
-
-    allFilesSet.add(newRelative);
-    const newBasename = path.basename(newRelative, ".md").toLowerCase();
-    if (!basenameMap.has(newBasename)) {
-      basenameMap.set(newBasename, []);
-    }
-    basenameMap.get(newBasename).push(newRelative);
+    removeFromBasenameMap(oldRelative);
+    addToBasenameMap(newRelative);
 
     // Determine new link target — use full path if basename is now ambiguous
+    const newBasename = path.basename(newRelative, ".md").toLowerCase();
     const newEntries = basenameMap.get(newBasename);
     const isAmbiguous = newEntries && newEntries.length > 1;
     const newLinkTarget = isAmbiguous

package/hooks/capture-handler.sh

@@ -15,19 +15,23 @@ trap cleanup EXIT
 # Read hook input from stdin
 INPUT=$(cat)
 
-# Extract tool_input fields (buffer all stdin before parsing)
-eval "$(echo "$INPUT" | node -e "
-  let b='';
-  process.stdin.on('data',c=>b+=c);
-  process.stdin.on('end',()=>{
-    const j=JSON.parse(b);
-    const ti=j.tool_input||{};
-    console.log('TOOL_INPUT='+JSON.stringify(JSON.stringify(ti)));
-    console.log('CAPTURE_TYPE='+JSON.stringify(ti.type||''));
-    console.log('CAPTURE_TITLE='+JSON.stringify(ti.title||''));
-    console.log('CAPTURE_CONTENT='+JSON.stringify(ti.content||''));
-  })
-")"
+# Extract tool_input fields safely (no eval — stdout capture only)
+TOOL_INPUT=$(echo "$INPUT" | node -e "
+  let b=''; process.stdin.on('data',c=>b+=c);
+  process.stdin.on('end',()=>{ process.stdout.write(JSON.stringify(JSON.parse(b).tool_input||{})); })
+")
+CAPTURE_TYPE=$(echo "$INPUT" | node -e "
+  let b=''; process.stdin.on('data',c=>b+=c);
+  process.stdin.on('end',()=>{ process.stdout.write((JSON.parse(b).tool_input||{}).type||''); })
+")
+CAPTURE_TITLE=$(echo "$INPUT" | node -e "
+  let b=''; process.stdin.on('data',c=>b+=c);
+  process.stdin.on('end',()=>{ process.stdout.write((JSON.parse(b).tool_input||{}).title||''); })
+")
+CAPTURE_CONTENT=$(echo "$INPUT" | node -e "
+  let b=''; process.stdin.on('data',c=>b+=c);
+  process.stdin.on('end',()=>{ process.stdout.write((JSON.parse(b).tool_input||{}).content||''); })
+")
 
 # Skip if missing required fields
 if [ -z "$CAPTURE_TYPE" ] || [ -z "$CAPTURE_TITLE" ] || [ -z "$CAPTURE_CONTENT" ]; then

package/index.js

@@ -73,7 +73,7 @@ export async function startServer() {
       },
       {
         name: "vault_peek",
-        description: "Inspect a file's metadata and structure without reading full content. Returns file size, frontmatter, heading outline with line numbers and approximate section sizes, and a brief preview. Use this to plan which sections to read from large files.",
+        description: "Inspect a file's metadata and structure without reading full content. Returns file size, frontmatter, heading outline with approximate section sizes, and a brief preview. Use this to plan which sections to read from large files.",
         inputSchema: {
           type: "object",
           properties: {

package/init.js

@@ -208,8 +208,29 @@ export function patchMcpConfig(scriptContent, installType) {
   const argsJson = JSON.stringify(installType.args);
   const replacement = `MCP_CONFIG='{"mcpServers":{"obsidian-pkm":{"command":"${installType.command}","args":${argsJson},"env":{"VAULT_PATH":"'"$VAULT_PATH"'"}}}}'`;
   const lines = scriptContent.split("\n");
-  const patched = lines.map(line => line.startsWith("MCP_CONFIG=") ? replacement : line);
-  return patched.join("\n");
+  const result = [];
+  let i = 0;
+
+  while (i < lines.length) {
+    if (lines[i].startsWith("MCP_CONFIG=")) {
+      result.push(replacement);
+      // Multi-line command substitution: contains $( but closing ) is on a later line
+      if (lines[i].includes("$(") && !lines[i].trimEnd().endsWith(")")) {
+        i++;
+        while (i < lines.length && !lines[i].trimEnd().endsWith(")")) {
+          i++;
+        }
+        i++; // skip the closing line
+      } else {
+        i++;
+      }
+    } else {
+      result.push(lines[i]);
+      i++;
+    }
+  }
+
+  return result.join("\n");
 }
 
 const PKM_HOOK_BASENAMES = new Set(["session-start.js", "stop-sweep.js", "capture-handler.sh"]);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pkm-mcp-server",
-  "version": "1.5.2",
+  "version": "1.6.0",
   "description": "MCP server for Obsidian vault integration with Claude Code — 19 tools for notes, search, and graph traversal",
   "main": "cli.js",
   "exports": {
@@ -53,7 +53,7 @@
   },
   "dependencies": {
     "@inquirer/prompts": "^8.3.2",
-    "@modelcontextprotocol/sdk": "^1.0.0",
+    "@modelcontextprotocol/sdk": "^1.27.0",
     "better-sqlite3": "^12.6.2",
     "js-yaml": "^4.1.0",
     "sqlite-vec": "^0.1.7"

package/sample-project/CLAUDE.md

@@ -185,6 +185,7 @@ Use these with `vault_write({ template: "name", path: "...", frontmatter: { tags
 | `moc` | Maps of Content (index/hub notes) |
 | `daily-note` | Daily notes |
 | `task` | Structured task notes with status, priority, due date |
+| `note` | Minimal generic notes |
 
 ## Session End