RAG Engineering
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: afrexai-rag-engineering Version: 1.0.0 The skill bundle provides a comprehensive methodology for RAG engineering, intended to equip an AI agent with expert knowledge. The `SKILL.md` and `README.md` files contain extensive documentation, pseudocode, and configuration examples, but no executable code or instructions for the agent to perform system-level actions (e.g., file access, network calls, shell commands). There are no indicators of data exfiltration, malicious execution, persistence, or prompt injection designed to subvert the agent's core function or steal data. External links are to the publisher's other skills or commercial context packs, which is not malicious. The content is purely informational and instructional for the agent's reasoning process.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used on private or regulated documents, the resulting RAG system may store and later reuse sensitive text, metadata, summaries, or retrieved context.
The skill advises building RAG pipelines that store indexed document chunks and derived context, which is central to the stated purpose but can involve persistent sensitive content.
Raw Documents → Extraction → Cleaning → Enrichment → Chunking → Embedding → Indexing
Before applying the guidance, define allowed document sources, retention rules, access controls, redaction requirements, and safeguards for untrusted retrieved content.