Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

claw-local-knowledge

v1.0.0

Local knowledge-base skill for adding and retrieving knowledge. Use this skill when the user needs to add documents (docx/pdf/xlsx/pptx) to the knowledge base, or when relevant knowledge needs to be retrieved from the knowledge base.

by Zexun Lin (@overdue-lin)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the declared behavior: converting uploaded docx/pdf/xlsx/pptx to markdown, storing them under .openclaw/workspace/memory/knowledge_base and maintaining an index. Requested resources (none) and file paths are consistent with a local knowledge-base skill.
Instruction Scope
Instructions are mostly within scope (scan temp_file, convert to markdown, clean text, update index, delete originals). However the README/SKILL.md recommend injecting text into SOUL.md to enable proactive loading — that directs the agent to modify workspace-level configuration controlling agent behavior and goes beyond pure ingestion/retrieval.
Install Mechanism
No install spec and no code files present. Instruction-only skills are lower-risk from an install perspective because nothing is downloaded or executed by an installer.
Credentials
No environment variables, credentials, or external endpoints are requested. All file accesses are local and proportional to the stated purpose.
Persistence & Privilege
The skill suggests injecting directives into SOUL.md to make the agent proactively load the skill when uncertain. Writing such persistent instructions into a workspace/agent config increases the skill's persistence and ability to influence agent behavior; this is a meaningful privilege and should be explicitly authorized by the user.
Scan Findings in Context
[no_code_files_to_scan] expected: The regex-based scanner had no code files to analyze because this is instruction-only (SKILL.md plus docs). Absence of findings does not guarantee safety; review the prose instructions (which we did).
What to consider before installing
This skill appears to do what it says (convert and index local documents and read them back), and it does not request credentials or external network access. However it recommends injecting lines into SOUL.md so the agent will proactively load the skill — that modifies workspace/agent behavior and increases persistence. Before installing:

1) Confirm you want the agent to automatically consult this local knowledge store and allow the skill to write to SOUL.md or workspace files;
2) Review and approve any exact text the skill will append to SOUL.md;
3) Ensure uploaded files in .openclaw/workspace/temp_file/ don't contain secrets you wouldn't want stored in the workspace (the skill will convert and save contents to markdown); and
4) If you prefer less persistence, do not apply the SOUL.md injection and only invoke the skill manually.

If you want more assurance, request the author add an explicit, one-time opt-in step for modifying SOUL.md rather than automatic injection.


latest · vk97c7cdy8nd3vyvepwa3dcqdpd844h5a
