Knowledge Base Collector
PassAudited by ClawScan on May 1, 2026.
Overview
The skill matches its stated knowledge-base purpose, but saved links, screenshots, and extracted text may persist and some URLs are fetched through an external service.
This appears safe for its stated purpose. Before installing, be comfortable with persistent storage under the KB folder and with URL extraction through r.jina.ai; redact screenshots, OCR text, and notes that contain secrets, tokens, verification codes, or private links.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private or sensitive URLs may be visible to the external extraction service used to fetch page content.
URL ingestion sends the user-provided URL to the external r.jina.ai extraction service, which is disclosed and purpose-aligned but crosses a data boundary.
rurl = "https://r.jina.ai/" + url
Avoid ingesting confidential links through this path unless you are comfortable sharing the URL with the extraction provider.
Sensitive or misleading content saved into the KB may remain available to later searches, summaries, or Telegram Q&A workflows.
The skill intentionally persists collected web, screenshot, and note content for later search and Q&A use.
Store: writes to a shared KB folder with per-item `content.md` + `meta.json` and a global `index.jsonl`
Redact secrets before saving, periodically review the KB, and treat retrieved web/screenshot text as untrusted source material.
If used, the agent may execute a fetch operation on a connected Mac rather than only on the server environment.
The optional WeChat fallback can run fetching code on a connected macOS node; this is disclosed and aligned with the WeChat collection purpose, but it is a broader tool path than the local scripts.
可用 `nodes.run` 在节点上执行抓取(requests+bs4),然后写入 KB。
Confirm the target node and exact action before allowing nodes.run, and prefer the placeholder/manual path for sensitive WeChat content.