Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
index1
v2.0.3
AI memory system for coding agents — code index + cognitive facts, persistent across sessions.
⭐ 0 · 800 · 0 current · 1 all-time
by @gladego
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (code memory + search) matches the instructions: installing/running an index1 binary, creating a project .mcp.json, indexing local source/docs, and optionally configuring an embedding backend. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Instructions stay within the stated purpose (indexing, recall, reindex, web UI). However, they include potentially impactful operations: 'index1 setup' (claims to auto-configure hooks and MCP), writing/creating .mcp.json and edits to project README/CLAUDE.md, starting a web UI that opens a local port, and indexing project files (reads repository data). These are expected for this tool but worth awareness.
Install Mechanism
The skill is instruction-only and recommends installing index1 via pipx/pip or npx and suggests running a remote installer (curl -fsSL https://ollama.com/install.sh | sh) for an optional backend. npx and curl|sh run remote code and are higher-risk operationally; the SKILL.md does not provide hashes or pinned release URLs to verify installers.
Credentials
No environment variables, credentials, or config paths are requested by the skill. Optional integration with Ollama (a local service) is described; that is proportional to the optional embedding backend and does not introduce unexplained credential access.
Persistence & Privilege
always is false and model invocation is allowed (normal). The tool will create/modify project files (.mcp.json, suggested CLAUDE.md edits) and can start a persistent local process/web UI — expected for an indexing service but worth reviewing. 'index1 setup' could make automatic config changes; the instructions do not show an explicit review step.
Assessment
This skill appears to do what it says (a local code/document index + cognition tools), but follow these precautions before installing: (1) Inspect the index1 package source on PyPI/npm and prefer installing from trusted, pinned releases rather than running unverified code through npx. (2) Avoid running curl | sh with no verification; fetch installers manually and check signatures or vendor docs. (3) Review what 'index1 setup' will change (back up project files first): it can write .mcp.json and modify CLAUDE.md. (4) Running the web UI opens a local HTTP port; ensure you run it in a safe network environment. (5) If you pull large remote models or configure an external embedding service, understand whether any project data will be sent to that service. If you want higher assurance, run installation and initial indexing in an isolated environment or container and review the files the tool writes.
Like a lobster shell, security has layers — review code before you run it.
