Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
librag-recall
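v1.0.0
Uses the local LibRAG `/api/v1/librag/knowbase/recall` endpoint to recall data from a knowledge base. Suited to Chinese-language scenarios: knowledge-base retrieval, document recall, evidence passage extraction, source location, knowledge-base-grounded question answering with supporting evidence, and tasks that users start with phrases such as "knowledge base query", "data recall" or "find the answer in the documents".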
by @7010g
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description say it calls LibRAG recall API. The bundle contains a Python script that calls a /librag/knowbase/recall endpoint and a config.json with base_url, api_key, kb_id, etc. Requiring a Python runtime and a config file is consistent with the stated purpose.
Instruction Scope
SKILL.md instructs the agent to run the included Python script with a config.json and question. The script reads config.json, constructs a GET request with Authorization: Bearer <api_key>, and prints JSON containing request/response and a summary. This is within scope. Minor note: the script prints the config file path and server response verbatim (including any echoed data). Although the script itself does not print the API key, server responses could theoretically echo sensitive fields—so be careful with what you send/return.
Install Mechanism
No install spec; this is instruction-only plus an included Python script. Nothing is downloaded or written to disk by the skill beyond reading the provided config.json and running the script, which is low-risk and proportional.
Credentials
The skill does not request environment variables or unrelated credentials. It expects an API key and endpoint in config.json, which is appropriate for an API client. Storing the API key in config.json is a design choice — users should protect that file (permissions) and avoid committing it to source control.
Persistence & Privilege
always:false and default autonomous invocation are set. The skill does not attempt to modify other skills, system settings, or persist new credentials. It only reads the local config and performs a network call to the configured base_url.
Assessment
This skill is a straightforward helper for calling a LibRAG recall endpoint. Before installing: (1) ensure base_url points to the intended LibRAG instance (default is localhost); (2) put the API key in config.json and protect that file (restrict filesystem permissions, don't check it into source control); (3) be aware the tool prints the config path and server responses verbatim — avoid passing secrets or private data in requests if you don't want them echoed; (4) verify the endpoint is trusted (if you set base_url to a remote host, the API key will be sent to that host). If you want keys outside files, consider modifying the script to read from a secure secret store or environment variable instead of a plaintext config.json.
config.json:2
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
Like a lobster shell, security has layers — review code before you run it.
latestvk97f06vb5p4ve9n13mew4rz1ex82ngr9
Runtime requirements
🔎 Clawdis
Any bin: python, py, python3
