ClawHub

llm-wiki SKILL inspired by Karpathy

v1.0.0

Karpathy's llm-wiki pattern implementation — cumulative knowledge management for AI agents

0· 11·0 current·0 all-time
by@nemo4110
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (llm-wiki) align with required files and behavior: reading sources/, writing wiki/ pages, and maintaining log.md. No unrelated cloud credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md and CLAUDE.md instruct the agent to read/write files under the project (sources/, wiki/, log.md) and to run optional CLI/scripts. This is expected for a wiki skill. One item to note: hooks (optional) can run shell commands if enabled — the repository recommends not using hooks by default, but enabling them would allow command execution.
Install Mechanism
No download-from-URL installers or opaque binaries are present. It's instruction-only for protocol mode; optional installation uses pip/conda/uv to install requirements.txt (standard Python packages: click, pyyaml, pdfplumber, pdfminer.six). No high-risk install sources or extract-from-IP behavior detected.
Credentials
The skill requires no environment variables or credentials. It inspects common environment state (virtualenv, CONDA_PREFIX) to pick a Python runtime — this is proportionate to providing an optional CLI. No secret-named env vars or unrelated service tokens are requested.
Persistence & Privilege
always is false and model invocation is allowed (platform default). The skill operates on user project files (wiki/ and sources/) which is appropriate. Exercise normal caution because the agent can be instructed to modify files — this is the skill's purpose. Hooks can increase privilege if configured.
Assessment
This skill appears to do what it says: manage a local Markdown wiki using the agent. Before installing or running it: 1) Understand it will read and write files under the project (wiki/, log.md) and may execute included scripts if you run the CLI or enable hooks. 2) If you plan to ingest PDFs, install the pinned safe versions of pdfplumber/pdfminer.six as documented (they cite a CVE and require updated versions). 3) Review and avoid enabling any optional hooks you don't trust — hooks can run shell commands. 4) Run in a contained environment (virtualenv/conda) if you want to limit side effects, and inspect scripts like init-wiki.sh/read_pdf.py before executing. Overall the skill is internally consistent and does not request disproportionate privileges or hidden network access.

Like a lobster shell, security has layers — review code before you run it.

DEMOvk972h8gp4eveq061b6hz05hyzh84s9c8latestvk972h8gp4eveq061b6hz05hyzh84s9c8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments