semfind
PassAudited by ClawScan on May 1, 2026.
Overview
The skill is a coherent local semantic-search helper, with the main things to notice being an external pip install/model download and local embedding caches.
This appears safe to use for its stated purpose if you are comfortable installing the external package. Be careful which files you point it at, especially logs, notes, and memory files, and use `--no-cache` or clear the cache when searching highly sensitive content.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing and running the tool means trusting the external package and model source, even though the skill instructions themselves are coherent.
The skill depends on an external pip package and downloaded model that are not included in the reviewed artifacts or pinned by an install spec.
Install with `pip install semfind` ... First run downloads a ~65MB model
Install only from a trusted package source, consider pinning a known-good version, and verify the package/model provenance before using it on sensitive files.
Searches over sensitive local files may leave derived embedding data in a local cache after the command finishes.
The tool is intended to process potentially private local text and persist embedding data locally for reuse.
Ideal for searching memory files, project docs, logs, and notes by meaning ... Embedding cache in `~/.cache/semfind/`, auto-invalidates on file changes
Use explicit, narrow file paths; use `--no-cache` for especially sensitive searches; and clear `~/.cache/semfind/` if cached embeddings should not persist.