Comment by btown

20 hours ago

Congrats on the launch! Curious about whether the automated scanning system flags expansions of scope and network domain access for internal/human review.

For instance, an AI summarization plugin that starts by saying it accesses url="api.openai.com"+path with a user-supplied OpenAI key is going to be incredibly common - and I'm really excited for what the community builds here!

But what if that plugin has an update that allows the "user" to choose an arbitrary endpoint as an OpenAI-compatible API - how do you ensure that's not a malicious update that has coopted that flexibility to create a network egress that will bypass your scans, and might subtly prefill that with a malicious endpoint?

5 comments

btown

kepano 18 hours ago

Every update is scanned, and we will be regularly re-scanning all the latest versions of every plugin as we improve the system. The review system is based on our eslint plugin which itself open source and reproducible, so anyone can contribute to improving it: https://github.com/obsidianmd/eslint-plugin

And since plugins are open source, users can also audit the code and flag issues via the Community site.

btown 14 hours ago
That's very cool - using a linter as a standardization system removes a lot of the guesswork out of submitting! But it's an unenviable challenge to guard against bad actors here - there's now an open-source oracle that an attacker could use to see if their technique would sneak by the review process, and they can have a coding agent iterate until successful.
I might encourage adding things like https://ofriperetz.dev/articles/eslint-plugin-security-is-un... or https://github.com/mozilla/eslint-plugin-no-unsanitized as things that flag for further review - and likely adding even more that you might not publicize as part of the eslint-plugin repository, so there's a more obscure level of protection that might catch a would-be attacker!
- joethei 2 hours ago
  
  The system consists of a few different parts, the linter is only one part and is responsible for surfacing issues to the dev during development.
  We have additional checks that also check the release assets to catch issues in dependencies etc, that part is not public.
chrisweekly 17 hours ago
Longtime (early adopter) Obsidian user here. Thank you for such an amazing tool. And congrats on the launch!
Curious if you considered oxlint^1? (It's a a faster, simpler, near drop-in replacement for eslint.)
1. https://oxc.rs/docs/guide/usage/linter.html
- kepano 17 hours ago
  
  It's the first I am hearing about it, but I'll take a look!