LLM Knowledge Base
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill appears to build a local, persistent Obsidian-style knowledge base, with expected but noteworthy local file, web-fetch, and persistence behavior.
This skill looks purpose-aligned for building a local Obsidian-compatible knowledge base. Before using it, choose a vault location deliberately, review what files or URLs you ingest, avoid adding sensitive documents unless you want them persisted, and ensure URL fetching and filenames are handled safely.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malformed URL or unsafe generated slug could be mishandled if the command is pasted directly into a shell; fetched content is also saved locally in the vault.
The skill instructs use of a shell command with a user-provided URL and generated filename. This is purpose-aligned for source ingestion, but safe quoting and filename sanitization matter.
URL: fetch with `curl -sL <url> | head -c 100000 > raw/inbox/<slug>.md`
Use a safe fetch tool or carefully quote URLs and sanitize slugs before writing files. Only ingest URLs and files the user intentionally selects.
Private source materials and generated answers may remain on disk and influence future knowledge-base responses.
The skill intentionally creates persistent stored context that can be reused later, including raw sources, summaries, outputs, and navigation pages.
you build a **persistent wiki** that accumulates knowledge... Good answers get saved back to the wiki
Review what is added to the vault, avoid ingesting sensitive material unless persistence is desired, and periodically inspect the vault files and AGENTS.md rules.