Knowledge Retrieval Publish

VirusTotal audit pending.

Overview

No VirusTotal analysis has been recorded yet. File reputation checks will appear here once the artifact hash has been scanned.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Private or deleted document contents may remain searchable or recoverable from the local skill workspace until the user manually deletes the cache/index directories.

Why it was flagged

The skill persistently stores search indexes and analysis caches containing extracted document information, and the documentation states they are not automatically removed when source files are deleted.

Skill content
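The BM25 index and image-analysis cache are stored in the skill working directory and are not automatically cleared when the source files are deleted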
Recommendation

Use this only on a dedicated folder you intend to index, avoid mixing highly sensitive files into that folder, and manually clear the cache/index when removing documents or uninstalling.

What this means

All supported files under the configured folder can be indexed for later reuse, including newly added files, without per-file review shown in the artifacts.

Why it was flagged

The indexing script recursively scans the configured source directory and saves the full searchable corpus into the persistent BM25 index.

Skill content
for entry in sorted(project_root.rglob("*")):
...
retriever.save(str(index_dir), corpus=corpora)
Recommendation

Add explicit include/exclude controls, confirm the exact folder before indexing, and document that all supported files under that folder may be stored in the local index.

What this means

If the active model is cloud-hosted or not approved for the documents being searched, file excerpts may leave the local machine through normal model-context processing.

Why it was flagged

The skill discloses that local file contents may be provided to the active model as context for reasoning.

Skill content
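File contents may be passed to the large language model as context for processing; make sure you run this SKILL with a model you trust or one that has been approved.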
Recommendation

Use an approved model/provider for sensitive documents, and do not run searches over files that your model policy does not allow.

What this means

Users may need to install dependencies manually or verify the environment, and should not assume the registry metadata fully captures setup requirements.

Why it was flagged

The documentation requires external Python packages and references a setup script, while the registry states there is no install spec and the provided manifest does not include setup.bat.

Skill content
Run `scripts/setup.bat` from the skill directory ... pip install bm25s pdfminer.six python-pptx
Recommendation

Install only reviewed dependencies from trusted sources, prefer pinned versions where possible, and verify any setup script before running it.