ClawHub
Back to skill
v0.1.0-beta.0

Knowhere

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:25 AM.

Analysis

Knowhere is a coherent document-ingestion helper, but it relies on an external plugin and can store/search local or URL documents, so install and use it intentionally.

GuidanceBefore installing, verify the external Knowhere plugin package and only ingest documents you are comfortable storing in the current Knowhere scope. Use the cleanup tools intentionally when you no longer want documents to remain searchable.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
SKILL.md
openclaw plugins install @ontos-ai/knowhere-claw

The skill depends on an external plugin package that is not included in the provided artifact set. The install step is user-directed and central to the stated purpose, but the plugin provenance should be checked separately.

User impactInstalling the skill alone does not provide the document tools; using it requires trusting and installing a separate plugin package.
RecommendationVerify the plugin source, publisher, and repository before installing or enabling it.
Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
`knowhere_remove_document` and `knowhere_clear_scope` for cleanup

The skill exposes cleanup operations that can modify or delete the plugin's stored document state. This is purpose-aligned, but users should be aware of the impact before clearing a scope.

User impactA cleanup action could remove indexed documents from the current Knowhere scope and affect later retrieval.
RecommendationConfirm the target document ID or scope before using remove or clear operations.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
ingest a local file or URL into the current scope

The skill is designed to store ingested document content for later search and retrieval within a scope. This is expected for the purpose, but private or incorrect content may persist and influence later answers.

User impactDocuments you ingest may remain searchable in the Knowhere scope until removed or cleared.
RecommendationIngest only files or URLs you intend to make searchable, and use the remove or clear tools when the stored document state is no longer needed.