Ragflow API Client
Pass
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a straightforward Ragflow client, but it needs a Ragflow API key and can upload or delete knowledge-base data when invoked.
Install only if you intend to let the agent interact with your Ragflow instance. Configure a trusted HTTPS Ragflow URL, use a least-privilege API key, avoid uploading secrets unless the instance is approved for them, and be careful with delete-dataset commands.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A broadly scoped or shared API key could let the agent create, upload to, or delete Ragflow knowledge-base data.
The skill requires a bearer API key with dataset-management authority. This is expected for a Ragflow client, but it is still privileged access to a remote service.
    RAGFLOW_API_KEY:
      description: Ragflow API key (use least-privilege key, can manage datasets/upload files)
      required: true
Use a least-privilege Ragflow key limited to the intended instance or dataset, prefer an HTTPS RAGFLOW_URL, and rotate the key if it is exposed.
A mistaken or overly autonomous invocation could delete a Ragflow dataset that the API key is allowed to manage.
The CLI can delete a Ragflow dataset once the delete command is invoked. This matches the stated dataset-management purpose, but it is a destructive remote action and there is no extra confirmation step in the script.
    case 'delete-dataset':
      if (!args.dataset) error('--dataset required');
      await cmdDeleteDataset(args.dataset);
    ...
    async function cmdDeleteDataset(datasetId) {
      await ragflow.deleteDataset(datasetId);
      log(`Deleted dataset: ${datasetId}`, 'green');
    }
Confirm dataset IDs before deletion, keep backups where appropriate, and consider adding a confirmation prompt or using a key that cannot delete production datasets.
Sensitive or untrusted documents uploaded to Ragflow may be retained in the knowledge base and reused in future RAG responses.
Uploaded files are sent to Ragflow and then parsed into a retrieval knowledge base. This is the core purpose of the skill, but it means selected documents can persist and later influence chat answers.
    async function uploadAndParse(datasetId, filePath, options = {}) {
      const result = await uploadDocument(datasetId, filePath, options);
      const documentId = result.data?.[0]?.id;
      if (documentId) {
        await triggerParsing(datasetId, [documentId]);
      }
Only upload documents appropriate for that Ragflow instance, separate sensitive datasets, and treat retrieved document content as data rather than trusted instructions.
