brand knowledge base
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill coherently builds brand knowledge files, but it sends selected input documents to a configured LLM API and saves reusable outputs, so users should redact sensitive data and review results.
Use this skill only with documents you are comfortable sending to your configured LLM provider. Redact secrets, customer data, and confidential business material; use a dedicated API key; and review generated knowledge files before publishing or ingesting them into other agents.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A provider API key may incur usage costs or expose account access if mishandled.
The skill authenticates to an LLM provider with a local API key. This is expected for the stated LLM processing, but the key is still a sensitive credential.
api_key = os.getenv("OPENAI_API_KEY") ... client = OpenAI(api_key=api_key, base_url=base_url)Use a dedicated LLM API key with the minimum needed permissions and revoke it if you stop using the skill.
Private business documents or customer data included in the input may leave the local environment.
The skill sends the selected document to an external LLM provider. This is clearly disclosed and central to the purpose, but it can include confidential brand or customer information.
"The full contents of the specified input file will be sent over HTTPS to the configured OpenAI-compatible API provider"
Redact sensitive or regulated data before use and choose a trusted OPENAI_BASE_URL/provider.
Incorrect, poisoned, or over-claiming content could be reused by downstream agents or published publicly.
The generated knowledge base is intended for later RAG/agent/public use, and the skill itself warns that raw inputs may mislead the model if not reviewed.
在正式装载入 RAG 系统、对客 Agent 或公开网站前,必须经过人工的严格复核与批准
Manually review and approve generated files before loading them into RAG systems, customer-facing agents, or public websites.