wiki-manager
Security checks across malware telemetry and agentic risk
Overview
This is a transparent local wiki-index manager; the main thing to notice is that it persists and reuses a local keyword memory file.
This skill looks safe for its stated purpose if you are comfortable with an agent maintaining a local wiki/wiki.json file. Before using it, create or inspect that file, keep backups, avoid putting secrets in definitions or keywords, and periodically review entries and source paths.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may read and update the local wiki index file; mistakes could corrupt or overwrite the index, though a backup step is documented.
The skill tells the agent to use local shell-style commands to read and back up the wiki JSON file. This is purpose-aligned and scoped, but it is still local file/tool access.
管理脚本(无工具版,用 exec) ... cat wiki/wiki.json ... cp wiki/wiki.json wiki/wiki.json.bak
Keep the wiki directory backed up, review edits to wiki.json, and avoid letting the agent run broader shell commands outside the documented wiki paths.
Incorrect, poisoned, or sensitive entries in wiki.json could influence future agent responses or cause the agent to look up unintended local memory sources.
The wiki file is persistent context that can be reloaded and used to recover definitions or follow source references into memory/vector-store content.
compact 后认知丢失 → ... cat wiki/wiki.json ... 如需详细内容 → 从 source 字段路径读取 memory/ 向量库
Keep wiki.json under user control, avoid storing secrets or private details as keywords/definitions, and restrict source paths to expected memory or skill locations.