Semantic Code Search

Pass

Audited by ClawScan on May 12, 2026.

Overview

This skill appears to be a local semantic code-search helper, but users should know it can persist indexed source code into a local JSON file.

This looks safe for local code search, but use it only on repositories you are comfortable indexing. Check the actual CLI file name before running examples, avoid committing .code_index.json, and remember that the saved index may include copied source code and docstrings.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The local index may contain proprietary code, comments, or secrets accidentally present in source files.

Why it was flagged

The save method writes extracted source code and docstrings into a local JSON index, and the CLI index command saves that index as .code_index.json.

Skill content

"docstring": f.docstring, "code": f.code, ... Path(path).write_text(json.dumps(data, indent=2))

Recommendation

Run it only on codebases you intend to index, keep .code_index.json out of commits and shared folders, and delete the index when it is no longer needed.

What this means

The documented commands may not work as written, and the user may need to resolve the correct file path or install a missing CLI dependency.

Why it was flagged

The documented CLI path references scripts/search.py, but the provided manifest contains scripts/code_search.py instead. The included code also imports click for CLI use without an install specification.

Skill content

python3 scripts/search.py index /path/to/codebase

Recommendation

Verify the intended entrypoint before running commands and install only expected dependencies from trusted package sources.