Personal Knowledge Base

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: pkm
Version: 1.0.1

The skill instructs the agent to perform file system operations (create `~/kb/`, write/read Markdown files), network requests (fetch URL titles/summaries), and potentially execute shell commands (`grep` for full-text search) as described in `SKILL.md`. While these capabilities are aligned with the stated purpose of a knowledge base, they introduce significant vulnerabilities like Server-Side Request Forgery (SSRF) and shell injection if user input is not rigorously sanitized by the agent. There is no evidence of intentional malicious behavior such as data exfiltration or backdoor installation.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may write notes to a local folder, fetch information about links you provide, and remove items from the inbox after processing.

Why it was flagged

The skill instructs the agent to create local files, fetch URL metadata, and remove processed inbox entries. These actions are clearly tied to the knowledge-base purpose, but they are still local mutations and network/tool actions users should notice.

Skill content

Create `~/kb/` as the workspace ... Link → fetch title and summary ... Delete from inbox once processed

Recommendation

Use this skill with content you are comfortable storing in ~/kb/, and review processed notes before allowing inbox items to be deleted.

What this means

Private thoughts, quotes, links, or questions you send may be saved and searched later as part of the knowledge base.

Why it was flagged

The skill is designed to persist user-provided content and reuse it for later search and retrieval. This is purpose-aligned, but sensitive or incorrect notes could be retained and later surfaced.

Skill content

User sends anything ... Capture first, organize second ... Offer to search when user asks a question — might already have the answer

Recommendation

Avoid saving secrets or highly sensitive material unless you are comfortable with it being stored in local Markdown files, and periodically review or delete outdated notes.