ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Bm25 Rerank Memory

v1.0.0

本地 BM25 + Embedding + Rerank 混合记忆检索。检索 /root/workspace/Remember 下的 Markdown 记忆文件,支持关键词+语义+重排。每次记忆搜索用它替代 mem0。

0· 66·0 current·0 all-time
by@ckqiao

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for ckqiao/bm25-rerank-memory.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Bm25 Rerank Memory" (ckqiao/bm25-rerank-memory) from ClawHub.
Skill page: https://clawhub.ai/ckqiao/bm25-rerank-memory
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install bm25-rerank-memory

ClawHub CLI

Package manager switcher

npx clawhub@latest install bm25-rerank-memory
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill claims to perform local BM25+embedding+rerank retrieval over /root/workspace/Remember, which matches the provided instructions to call a local script. However, the SKILL.md also relies on SiliconFlow / BAAI models for embeddings/reranking (networked services) but declares no credentials or network endpoints; that is an unexplained capability mismatch.
!
Instruction Scope
Runtime instructions tell the agent to execute /opt/memory/bm25_rerank_search.py and read/search markdown files under /root/workspace/Remember. Because the skill is instruction-only and provides no code, it assumes those files and scripts exist and will be executed/read — this gives the skill the ability to surface arbitrary local file contents and to run arbitrary code in /opt if present.
!
Install Mechanism
There is no formal install spec, but the SKILL.md recommends running `pip install rank-bm25 --break-system-packages`. That flag is invasive (can circumvent OS package manager protections) and is risky to run system-wide; even though rank-bm25 is reasonable for BM25, recommending --break-system-packages is disproportionate and potentially harmful.
!
Credentials
The instructions depend on external embedding/reranker services (SiliconFlow / BAAI models) but the skill declares no required environment variables or credentials. Either credentials are expected to be configured out-of-band (not declared) or the skill will fail/attempt unknown network access — both are problematic. It also references system paths (/opt and /root) without declaring config path requirements.
Persistence & Privilege
The skill does not request always:true or other elevated platform privileges. It is user-invocable and can be invoked autonomously per platform default, which is normal. The main risk is execution of a local script and reading /root files (described above), not elevated registration.
What to consider before installing
This skill expects and will execute a local script (/opt/memory/bm25_rerank_search.py) and read files under /root/workspace/Remember — verify those files/scripts are trustworthy before using. Confirm how the SiliconFlow/BAAI embedding and reranker APIs are authenticated (there are no env vars declared); if API keys are needed, ensure they are supplied securely and not exposed. Do not run the suggested `pip install ... --break-system-packages`; instead install dependencies in a virtualenv or container. If you cannot validate the /opt script or the origin of any network calls, run this in an isolated environment or avoid installing/using it.

Like a lobster shell, security has layers — review code before you run it.

latestvk977wjakweefw0s2xf298851dn84qc26
66downloads
0stars
1versions
Updated 2w ago
v1.0.0
MIT-0
@ckqiao
latest
Download

BM25 Rerank Memory Search

调用本地检索脚本 /opt/memory/bm25_rerank_search.py,返回精确的上下文片段。

依赖

  • BM25: rank_bm25
  • 向量+重排: SiliconFlow API (BAAI/bge-m3 + BAAI/bge-reranker-v2-m3)
  • 安装: pip install rank-bm25 --break-system-packages

使用方式

搜索记忆

python3 /opt/memory/bm25_rerank_search.py search <查询词>

重建索引(记忆文件变更后需执行)

python3 /opt/memory/bm25_rerank_search.py reindex

检索逻辑

  1. BM25 关键词匹配 → 候选集 A
  2. BGE-M3 向量相似度 → 候选集 B
  3. A ∪ B 合并
  4. BGE-Reranker-v2-m3 重排 → 最终结果

输出格式

每条结果包含: [score] path:chunk_id + 内容片段 (最多显示前200字符)

Comments

Loading comments...