Fabrik Codek

Warn

Audited by ClawScan on May 10, 2026.

Overview

This skill is coherent for a local personal knowledge system, but it asks to persistently capture and reuse broad work/session data and can expose an MCP server over the network without enough scoping or access-control guidance.

Treat this as a powerful local memory system, not a simple Q&A helper. Before installing, verify the `fabrik` binary, decide exactly which projects and transcripts it may index, exclude secrets and confidential material, confirm how to delete stored data, and avoid enabling the SSE network transport unless you have strong local binding and access controls.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Private code, transcripts, decisions, and work habits may be stored and reused in future answers or prompts, including sensitive or outdated information.

Why it was flagged

The skill is designed to collect broad private work and session data for later retrieval and profiling; the artifact does not define clear collection boundaries, exclusions, retention, or review controls.

Skill content

Fabrik-Codek captures code changes, session transcripts, decisions, and learnings in a local datalake

Recommendation

Use only in a trusted workspace, restrict what it can index, exclude secrets and confidential projects, and confirm how to inspect, delete, or reset the stored datalake, graph, embeddings, profiles, and outcomes.

What this means

Mistaken, malicious, or sensitive content from one session could influence future responses or be surfaced unexpectedly.

Why it was flagged

The skill persistently learns from interactions and automatically changes retrieval behavior, but the artifact does not describe safeguards against bad, sensitive, or poisoned session content affecting later tasks.

Skill content

Every interaction feeds back into the system... Outcome tracking... Self-correction — Adjusts retrieval parameters

Recommendation

Review and control what interaction history is saved, keep sensitive sessions out of the knowledge base, and require a way to audit and purge learned data.

What this means

If exposed beyond the local machine, other clients could potentially query or interact with the personal knowledge system.

Why it was flagged

The artifact documents an MCP SSE network transport, but does not describe authentication, binding to localhost, firewalling, client identity, or permission boundaries for access to its personal knowledge tools.

Skill content

`"args": ["mcp", "--transport", "sse", "--port", "8421"]`

Recommendation

Prefer local stdio transport unless network access is required; if using SSE, bind to localhost, firewall the port, and confirm authentication and access controls before enabling it.

What this means

The safety of the skill depends on the `fabrik` binary you install, not just this SKILL.md file.

Why it was flagged

The skill depends on an external executable that is not included in the reviewed artifacts, so the scanner cannot verify the implementation behind the documented MCP server and indexing commands.

Skill content

No install spec — this is an instruction-only skill; Required binaries: fabrik; No code files present

Recommendation

Install `fabrik` only from the verified project source, check the version and release integrity, and review its documentation before allowing it to index private data.