ClawHub

Edge Knowledge Graph

v1.0.0

Build and query focused knowledge graph subgraphs locally on resource-limited edge devices for low-latency, offline-aware reasoning and incremental updates.

0· 67·0 current·0 all-time
by@kingofzhao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description (edge knowledge-graph subgraphs for resource-limited devices) match the SKILL.md content: projection, incremental sync, lightweight inference. The doc does not request unrelated binaries, credentials, or config paths.
Instruction Scope
SKILL.md contains high-level design guidance (projection rules, diff/patch sync, conflict resolution, inference optimizations) and does not instruct the agent to read local files, access environment variables, execute binaries, or transmit data to external endpoints. There is no scope creep beyond the stated purpose.
Install Mechanism
There is no install spec and no code files — the skill is instruction-only, so nothing will be written to disk or downloaded during install.
Credentials
The skill declares no required environment variables, credentials, or config paths. That is proportional for a design/instruction document that does not perform runtime network or privileged operations.
Persistence & Privilege
The skill does not request always: true and does not indicate any mechanism for persistent or elevated privileges. Autonomous invocation remains possible (platform default) but the instructions themselves do not escalate privilege.
Scan Findings in Context
[no-findings] expected: The regex-based scanner found nothing to analyze because the skill is instruction-only (only SKILL.md present). This is expected for a prose/design-only skill.
Assessment
This skill is a high-level design/instruction document (no code, no installs, no credentials requested), and appears internally consistent with its stated goal. Still consider: (1) provenance — source and homepage are missing, so if you later install an implementation based on these instructions, audit that code and packages before running on devices; (2) testing — try implementations in a sandbox or isolated edge device before deploying to production; (3) least privilege — never supply cloud credentials or device admin credentials unless a concrete implementation legitimately requires them and you’ve reviewed that code. If you want a runnable implementation, ask the author for source (repo, releases) and a clear install plan so you can review packages and update mechanics.

Like a lobster shell, security has layers — review code before you run it.

latestvk978epm7xczf0sxtfxxte9zsm9840zbx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments