Skill v0.1.0
ClawScan security
Qmd · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 12, 2026, 7:40 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions match its stated purpose (local markdown search); it indexes local files and may download local models, which is expected behavior for this tool.
- Guidance: This skill is internally consistent for local markdown search, but consider the following before installing:
  1) qmd will index whatever directories you add — avoid indexing sensitive directories or configure masks to exclude secrets.
  2) The recommended install uses Bun to fetch code from the project's GitHub repo and qmd may auto-download GGUF models into ~/.cache/qmd/models; ensure you trust the upstream project and have disk/network capacity.
  3) If you schedule automatic updates/embeddings (cron or agent scheduler), those jobs will run qmd commands with the PATH you provide — be careful what PATH and environment you export in scheduled contexts.
  If you want extra assurance, install qmd manually from the official repo, verify checksums/releases, and test indexing on a small, non-sensitive subset of files first.
- Findings:
  - [no_regex_findings] expected: The package is instruction-only with no code files, so the regex scanner had nothing to analyze. This is expected; runtime behavior is driven by the qmd CLI invoked by the agent.
Review Dimensions
- Purpose & Capability (ok): Name/description, required binary (qmd), and instructions align: the skill is a wrapper for the qmd CLI and only needs that binary (and Bun for installation). Nothing requested is unrelated to local markdown search.
- Instruction Scope (ok): SKILL.md instructs the agent to run qmd commands, add collections, and (optionally) schedule qmd update/embed. It explicitly operates on user-provided file paths and local caches. The only broader behavior is that qmd may auto-download GGUF models and will read/index files you point it at — this is coherent with its purpose but worth noting.
- Install Mechanism (note): The skill is instruction-only (no automatic install), but the README metadata recommends installing via Bun from the project's GitHub repo (bun install -g https://github.com/tobi/qmd) and suggests brew install sqlite for macOS. Installing via Bun from the repo and qmd's auto-download of GGUF models is a moderate-risk action (network downloads, large model files) but is expected for a local LLM-based search tool.
- Credentials (ok): No credentials or sensitive env vars are requested. The instructions reference PATH adjustments (e.g., $HOME/.bun/bin) and cache paths (~/.cache/qmd/models) which are proportional to running qmd. Note: indexing a directory will read local files you point it at — index contents should be chosen carefully.
- Persistence & Privilege (ok): The skill does not request always: true or other elevated platform privileges, nor does it instruct modifying other skills. It may be used to run long-lived processes or scheduled jobs (user-configured), which is normal for this use case.
