Enterprise Knowledge Base Reader
PassAudited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill Name: enterprise-kb-reader Version: 1.1.0 The skill is a standard RAG (Retrieval-Augmented Generation) implementation designed for read-only access to an enterprise knowledge base. It uses legitimate libraries (ChromaDB, OpenAI, DashScope) to perform vector searches and retrieve documents from shared system paths like /usr/local/share/kb-data or C:/ProgramData/kb-data. The code follows its stated purpose without any evidence of data exfiltration, unauthorized command execution, or malicious prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may consult this KB before answering many business-related questions, which can be helpful but may be broader than some users expect.
The skill explicitly instructs the agent to prioritize KB retrieval for a broad range of business questions; this is aligned with the skill’s purpose but affects tool-use behavior.
用户提出任何业务问题、产品咨询、公司政策、员工手册、操作流程、规章制度、FAQ、项目信息等问题时,必须优先调用本知识库检索相关内容
Install it only where automatic KB consultation for business topics is desired, and give the agent explicit instructions when a question should not use this knowledge base.
Users must provide a valid embedding-provider key, and that key authorizes calls to DashScope or OpenAI-compatible services.
The skill requires provider API credentials for embeddings, even though registry metadata lists no primary credential or required env vars.
$env:DASHSCOPE_API_KEY='your-dashscope-key' ... $env:OPENAI_API_KEY='your-openai-key'
Use a least-privilege or dedicated API key where possible, keep it in environment variables rather than checked-in config files, and monitor provider usage.
Business questions or other text entered as queries may leave the local machine and be processed by DashScope or OpenAI, depending on configuration.
User query text is sent to the configured embedding provider to generate an embedding vector.
response = self.client.embeddings.create(
model=self.model,
input=text
)Avoid entering highly sensitive queries unless the configured provider is approved for that data, and review the provider’s data-handling policy.
Answers may include or rely on stored enterprise documents, including any inaccurate or poisoned content that an administrator previously added to the KB.
The skill retrieves persistent enterprise KB content from a shared local data store and uses it to answer user questions.
kb-data/ ├── chroma_db/ # 向量数据库 (只读访问) └── documents/ # 原始文档 (只读访问)
Use this only with a curated KB, maintain access controls on the shared KB directory, and treat retrieved content as reference material rather than unquestionable authority.
The installed dependency set may change over time, which can affect reliability and supply-chain risk.
Dependencies are installed from package indexes using lower-bound version ranges, so future installs may resolve to different package versions.
chromadb>=0.4.15 openai>=1.3.0 dashscope>=1.14.0 numpy>=1.24.0
Prefer a pinned requirements file or lockfile in managed environments, and install from trusted package sources.
Users could overestimate how API keys are protected if they place them in configuration rather than using environment variables.
The documentation claims encrypted key storage, but the supplied code only shows environment/config loading for API keys and does not show an encryption mechanism.
API安全: 支持多种API提供商,密钥加密存储
Do not rely on encrypted key storage unless the implementation is separately verified; keep secrets in approved secret-management mechanisms or environment variables.