Audit Case Rag

Advisory
Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Sensitive case evidence may be copied into a persistent local index outside the original case folder.

Why it was flagged

The local index stores extracted document text, metadata, TF-IDF data, and embeddings persistently. That is expected for a RAG tool, but it matters here because audit case materials may be sensitive: the index reproduces the documents' text rather than merely referencing it, so whoever can read the index file can read the evidence.

Skill content
"texts": texts, "metas": metas, "tfidf_vectorizer": vec, "tfidf_matrix": mat, "embeddings": embs
Recommendation

Store the output directory securely, avoid indexing unrelated folders, and follow the skill's instruction not to commit or share generated indexes.

What this means

Generated files may reveal document names, paths, and indexed case content if copied, committed, or shared.

Why it was flagged

The skill clearly discloses that it writes persistent local outputs. This is purpose-aligned, but users should understand these files may contain or reference sensitive case information.

Skill content
Outputs:
- `manifest.jsonl` written into the case directory
- `audit_rag_db/<case_id>.joblib` (persistent local index)
Recommendation

Keep generated manifests and indexes local, private, and excluded from version control or shared drives unless sharing is intentional.
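The two notes above come down to the same two questions: where do `manifest.jsonl` and `audit_rag_db/<case_id>.joblib` land, and who can read them. The Python below is an added example, not code from the skill or from ClawScan. It creates the index directory owner-only with a `.gitignore` that hides everything in it, writes both outputs with mode 0o600 from the start, and reports when either output sits inside a git working tree. The standard `pickle` module stands in for joblib (joblib's format is pickle-based) so the example runs without the skill's dependencies; the directory layout and the case text in `demo()` are constructed for illustration.

```python
import os
import pickle  # stand-in for joblib.dump: joblib's on-disk format is pickle-based
import stat
import tempfile
from pathlib import Path
from typing import List, Optional


def git_root(path: Path) -> Optional[Path]:
    """Return the nearest ancestor that contains a .git entry, or None if not in a checkout."""
    resolved = path.resolve()
    for candidate in (resolved, *resolved.parents):
        if (candidate / ".git").exists():
            return candidate
    return None


def prepare_private_dir(directory: Path) -> Path:
    """Create the index directory owner-only and make git ignore its whole contents."""
    directory.mkdir(parents=True, exist_ok=True)
    os.chmod(directory, stat.S_IRWXU)  # 0o700: no group/world access to the index
    ignore = directory / ".gitignore"
    if not ignore.exists():
        ignore.write_text("*\n")  # '*' also matches this .gitignore, so nothing here is ever tracked
    return directory


def write_private(path: Path, data: bytes) -> Path:
    """Create the file with mode 0o600 up front, not by chmod after a world-readable write."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


def check_outputs(case_dir: Path, db_dir: Path) -> List[str]:
    """Warn when generated files sit in a git working tree or are readable by others."""
    warnings = []
    root = git_root(case_dir)
    if root is not None:
        warnings.append(f"manifest.jsonl in {case_dir} sits inside git working tree {root}; add it to .gitignore")
    root = git_root(db_dir)
    if root is not None and not (db_dir / ".gitignore").exists():
        warnings.append(f"index directory {db_dir} sits inside git working tree {root} with no .gitignore")
    candidates = list(db_dir.glob("*.joblib")) if db_dir.is_dir() else []
    candidates.append(case_dir / "manifest.jsonl")
    for f in candidates:
        if f.exists() and f.stat().st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            warnings.append(f"{f} is readable by group or others")
    return warnings


def demo() -> dict:
    """Constructed scenario: a case folder that happens to live inside a git checkout."""
    with tempfile.TemporaryDirectory() as tmp:
        repo = Path(tmp) / "repo"
        (repo / ".git").mkdir(parents=True)  # fake checkout marker (constructed)
        case_dir = repo / "case-001"
        case_dir.mkdir()
        before = check_outputs(case_dir, repo / "audit_rag_db")
        db_dir = prepare_private_dir(repo / "audit_rag_db")
        # Constructed index with the same keys the skill persists.
        index = {"texts": ["Invoice 4471 paid to Example Ltd (constructed sample text)"],
                 "metas": [{"path": "case-001/invoice.pdf", "page": 1}],
                 "tfidf_matrix": None, "embeddings": None}
        index_file = write_private(db_dir / "case-001.joblib", pickle.dumps(index))
        write_private(case_dir / "manifest.jsonl", b'{"path": "invoice.pdf", "pages": 1}\n')
        after = check_outputs(case_dir, db_dir)
        # The serialized index carries the raw document text: sharing the file shares the evidence.
        leaks_text = b"Invoice 4471" in index_file.read_bytes()
        return {"before": before, "after": after, "index_contains_raw_text": leaks_text}
```

The `.gitignore` only protects against accidental commits; a synced or shared drive still exposes the files, which is why the permissions are set at creation. The same files are also a hazard in the other direction: joblib and pickle execute whatever the file instructs on load, so only ever load an index you generated yourself.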

What this means

Local document conversion runs an external program over case files when Office documents are indexed.

Why it was flagged

The script invokes LibreOffice as a local subprocess to convert Office files to PDFs for page citations. This is disclosed and aligned with the stated workflow. The quoted call passes no `timeout`, so a document that stalls the converter stalls the indexing run.

Skill content
proc = subprocess.run(cmd, capture_output=True, text=True)
Recommendation

Use a trusted LibreOffice installation, invoke it by an explicit path as an argument list rather than a shell string, give the call a timeout, and only index case folders whose documents you intend to process locally.
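A hardened version of that conversion step, written here as an added example rather than the skill's own code: the source file must resolve inside the case folder (symlinks included), the binary is an explicit path or a PATH lookup that is checked before use, the command is an argument list so document names are never shell-interpreted, and the run has a timeout and a return-code and output check. The `soffice` flags used are LibreOffice's documented `--headless`, `--norestore`, `--convert-to` and `--outdir`; the file names, the binary path in `demo()` and the helper names are assumptions.

```python
import shutil
import subprocess
import tempfile
from pathlib import Path
from typing import List, Optional


class ConversionError(RuntimeError):
    """Raised for any reason the conversion should not proceed or did not succeed."""


def resolve_soffice(explicit: Optional[str] = None) -> str:
    """Prefer an explicitly configured binary; otherwise take the PATH lookup, but verify it exists."""
    path = explicit or shutil.which("soffice")
    if not path or not Path(path).is_file():
        raise ConversionError("LibreOffice binary not found; configure its path explicitly")
    return path


def confine(src: Path, case_dir: Path) -> Path:
    """Reject any source that resolves outside the case folder, so a stray symlink cannot pull in other files."""
    src_r, case_r = src.resolve(), case_dir.resolve()
    if case_r not in src_r.parents:
        raise ConversionError(f"{src} resolves outside case folder {case_dir}")
    return src_r


def build_convert_cmd(soffice: str, src: Path, outdir: Path) -> List[str]:
    """Argument list, no shell: a name like 'q1 report; rm -rf ~.docx' stays a file name."""
    return [soffice, "--headless", "--norestore", "--convert-to", "pdf",
            "--outdir", str(outdir), str(src)]


def convert_office_to_pdf(src: Path, case_dir: Path, outdir: Path,
                          soffice: Optional[str] = None, timeout: int = 120) -> Path:
    """Convert one Office document to PDF inside outdir, failing closed on any anomaly."""
    src = confine(src, case_dir)
    outdir.mkdir(parents=True, exist_ok=True)
    cmd = build_convert_cmd(resolve_soffice(soffice), src, outdir)
    try:
        proc = subprocess.run(cmd, capture_output=True, text=True, timeout=timeout)
    except subprocess.TimeoutExpired as exc:
        raise ConversionError(f"conversion of {src.name} timed out after {timeout}s") from exc
    pdf = outdir / (src.stem + ".pdf")
    if proc.returncode != 0 or not pdf.is_file():
        raise ConversionError(f"conversion of {src.name} failed (rc={proc.returncode}): {proc.stderr.strip()}")
    return pdf


def demo() -> dict:
    """Constructed case folder; exercises the guards only, since LibreOffice is not assumed to be present."""
    with tempfile.TemporaryDirectory() as tmp:
        case_dir = Path(tmp) / "case-001"
        case_dir.mkdir()
        doc = case_dir / "q1 report.docx"
        doc.write_bytes(b"not a real docx (constructed)")
        outside = Path(tmp) / "unrelated.docx"  # a file the operator never meant to index
        outside.write_bytes(b"")
        link = case_dir / "escape.docx"
        link.symlink_to(outside)  # symlink planted inside the case folder
        results = {
            "cmd": build_convert_cmd("/opt/libreoffice/program/soffice", doc, Path(tmp) / "pdf"),
            "inside_ok": confine(doc, case_dir) == doc.resolve(),
        }
        for name, path in (("outside", outside), ("symlink", link)):
            try:
                confine(path, case_dir)
                results[name] = "accepted"
            except ConversionError:
                results[name] = "rejected"
        try:
            convert_office_to_pdf(doc, case_dir, Path(tmp) / "pdf", soffice="/nonexistent/soffice")
            results["missing_binary"] = "ran"
        except ConversionError:
            results["missing_binary"] = "refused"
        return results
```

In a real run, point `soffice` at the installation you vetted (for example via configuration) rather than relying on whatever `soffice` happens to be first on PATH.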

What this means

Different installations may resolve to different dependency versions, which can affect reproducibility and supply-chain assurance.

Why it was flagged

The dependency list is disclosed and purpose-aligned, but versions are lower-bounded rather than pinned exactly, so installed package versions may vary over time.

Skill content
fastembed>=0.3.0
scikit-learn>=1.5.0
pypdf>=4.2.0
Recommendation

Install in a dedicated virtual environment and consider pinning exact versions or using a lockfile for production audit workflows.
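A small check for the pinning point above, added here as an example and not part of the skill: it parses a requirements file the way a reviewer would read it and reports, per package, whether the version is exactly pinned, hash-pinned, a range such as the `>=` lower bounds quoted above, or unpinned. The first three lines of `REQUIREMENTS` are the skill's install spec as quoted; `LOCKED_EXAMPLE`, its hash value and the helper names are constructed.

```python
import re
from typing import Dict, Iterator, List

# The skill's quoted install spec (constructed file text around it).
REQUIREMENTS = """\
fastembed>=0.3.0
scikit-learn>=1.5.0
pypdf>=4.2.0
"""

# Constructed lockfile-style lines: a hash-pinned entry, a pinned entry with an
# environment marker, and a bare name. The hash is a placeholder, not a real digest.
LOCKED_EXAMPLE = """\
pypdf==4.2.0 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
numpy==1.26.4 ; python_version >= "3.9"
fastembed
"""

_SPEC = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(\[[^\]]*\])?\s*(.*)$")


def _logical_lines(text: str) -> Iterator[str]:
    """Yield requirement lines with comments stripped and backslash continuations joined."""
    buf = ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip() and not buf.strip().startswith("-"):  # skip pip option lines such as -r
            yield buf.strip()
        buf = ""
    if buf.strip():
        yield buf.strip()


def classify(req: str) -> str:
    """'hash-pinned', 'pinned' (exact ==), 'range' (any other specifier) or 'unpinned'."""
    m = _SPEC.match(req)
    if not m:
        raise ValueError(f"unparseable requirement: {req!r}")
    rest = m.group(3)
    has_hash = "--hash=" in rest
    spec = rest.split(";", 1)[0].split("--hash=", 1)[0].strip()  # drop markers and hashes
    if not spec:
        return "unpinned"
    if re.fullmatch(r"==\s*[^,\s*]+", spec):  # exact ==, not ==1.2.* and not a multi-clause spec
        return "hash-pinned" if has_hash else "pinned"
    return "range"


def audit_requirements(text: str) -> Dict[str, str]:
    """Map each normalized package name to its pinning category."""
    result = {}
    for req in _logical_lines(text):
        name = _SPEC.match(req).group(1).lower().replace("_", "-")  # PEP 503 normalization
        result[name] = classify(req)
    return result


def needs_pinning(text: str) -> List[str]:
    """Packages whose installed version can drift between installs."""
    return [name for name, cat in audit_requirements(text).items() if cat in ("range", "unpinned")]
```

To turn the lower-bounded spec into something reproducible, resolve it once in the dedicated virtual environment and record the result (`pip freeze > requirements.lock`, or `pip-compile --generate-hashes` from pip-tools), then install from that file with `pip install --require-hashes -r requirements.lock`, which refuses anything that is not both exactly pinned and hash-checked.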