ClawHub

LH DeepWiki

v1.0.0

Query DeepWiki MCP service via Streamable HTTP to get GitHub repository documentation, wiki structure, and AI-powered Q&A.

0· 283·1 current·1 all-time
by@liuhedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name/description match the included script: it calls a DeepWiki MCP endpoint to read public GitHub repo docs and answer questions. Minor inconsistency: SKILL.md examples run 'node ./scripts/deepwiki.js' but the registry 'required binaries' section lists none — Node.js should be declared as a required runtime.
Instruction Scope
SKILL.md instructs running the provided script to call the DeepWiki MCP server for ask/structure/contents. The instructions do not request reading local files, other env vars, or unrelated system data. The script only sends the repo name, path, and question to the DeepWiki endpoint and prints results.
Install Mechanism
No install spec or remote downloads are present; the skill is instruction-only plus a small local script. Nothing is written to disk by an installer during install.
Credentials
The skill requires no credentials or secrets and the script does not read environment variables or config paths. It only makes outbound HTTPS requests to https://mcp.deepwiki.com/mcp, which is consistent with the claimed functionality.
Persistence & Privilege
always is false and the skill does not request persistent system-level privileges or modify other skills. It operates at runtime and can be invoked by the user or autonomously per platform defaults.
Assessment
This skill appears to do what it claims: it POSTs JSON-RPC requests to https://mcp.deepwiki.com/mcp to fetch documentation/answers about public GitHub repos. Before installing, be aware: (1) you need Node.js to run the provided script (SKILL.md uses 'node' but the registry metadata omitted this requirement); (2) queries (repo names, paths, and questions) are sent to an external service — do not use it for sensitive or private data; (3) there is no API key or auth, so trustworthiness and privacy depend on the DeepWiki endpoint. If you want extra caution, review the script locally and run it in a network-isolated environment or verify the endpoint's trustworthiness before granting network access.

Like a lobster shell, security has layers — review code before you run it.

latestvk9782kh4pnp25sdsdfy3pkt1cx829jfc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments