QMD CLI
ReviewAudited by ClawScan on May 1, 2026.
Overview
This is a coherent local markdown search skill, but users should notice that it installs an external CLI and can index and retrieve private local notes.
Before installing, decide which markdown folders you actually want searchable, avoid adding sensitive personal or business notes unless intended, and install the qmd CLI only from a source you trust. If you use the MCP server, connect it only to trusted clients.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the external qmd package gives that package local execution ability in the user's environment.
The skill asks the user to globally install an external CLI from a GitHub URL; this is expected for the skill, but the artifact does not pin a version or commit.
bun install -g https://github.com/tobi/qmd
Install only if you trust the qmd repository, prefer a pinned release or commit where possible, and review the package before using it with sensitive notes.
Private notes, documentation, or meeting transcripts added to the collection may be retrieved into agent conversations later.
The setup creates an indexed local markdown collection and embeddings, which are persistent searchable context for future retrieval.
qmd collection add ~/notes --name notes --mask "**/*.md" qmd embed
Use narrowly scoped collections, exclude sensitive folders, understand where qmd stores its index and embeddings, and avoid broad retrieval options unless needed.
If the MCP server is started, connected clients may be able to search or retrieve indexed local documents.
The optional MCP mode exposes search and retrieval tools to MCP clients, which can access the indexed markdown content.
qmd can run as an MCP server for direct integration: qmd mcp Exposes tools: `qmd_search`, `qmd_vsearch`, `qmd_query`, `qmd_get`, `qmd_multi_get`, `qmd_status`
Run the MCP server only for trusted clients and with collections that are appropriate to expose through that integration.