I used flatseal and looked at the capabilities of obsidian flatpak. It seems to want access to ssh-agent socket and also ~/.ssh. I’m not an expert in flatpak sandbox setup/permissions so maybe this is all innocent. BUT…
In other posts there are always questions about the safety/security of plugins and even obsidian itself. For Linux/flatpak users, how about not enabling this as a default path, as default paths can’t be removed, and folks can use flatseal to add this permission back if they need it.