rag-knowledge-assistant

This skill is mostly coherent for building a local RAG index and searching documents, but take these precautions before installing or running it: - Do NOT follow the PUSH_GUIDE recommendation to embed your GitHub Personal Access Token in the git push URL; that exposes the token to shell history/logs. Use a credential manager, SSH keys, or temporary tokens instead. - Inspect scripts/requirements.txt before pip installing. Consider running pip install inside a virtualenv or container to avoid affecting your system Python. - The code may download large HuggingFace models (BAAI/bge-m3) or expect a local Ollama service — ensure you have disk, bandwidth, and understand where models are fetched from. If you cannot or do not want remote downloads, use the Ollama/local models option but only if Ollama runs locally. - Only put documents you trust into the ./knowledge directory; the skill will read and index everything under that path (don’t index sensitive secrets, private keys, or system files). - Run the tooling in an isolated environment (VM/container) if you are unsure, and verify network activity if you need strong assurance that data is not being transmitted off-host. If you want a cleaner manifest: ask the author to list operational requirements (local Ollama service, approximate model download size, any optional env vars) and to remove or fix the insecure push instructions.