Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Qmd Memory 1.0.0
v1.0.0Enables local hybrid memory search using QMD with optimized collections, automatic indexing, and multi-agent sharing to reduce API costs by $50-300/month.
⭐ 0· 308·1 current·1 all-time
by@sieyer
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (local hybrid memory with QMD) match the included scripts and SKILL.md. The setup script installs a QMD CLI, configures collections from your workspace, and runs indexing/embeddings — all consistent with building a local search/indexing system to replace remote memory API calls.
Instruction Scope
SKILL.md instructs the agent/user to run setup which scans the workspace path (default $HOME/.openclaw/workspace or OPENCLAW_WORKSPACE) and creates QMD collections, runs qmd update/embed, and can start a local MCP server. These actions are expected for the feature, but they will read and index files under the workspace (including any sensitive .md files), and run commands that download models and generate embeddings. The skill does not request unrelated system credentials or attempt to read unrelated system paths.
Install Mechanism
No formal install spec in registry, but scripts call npm install -g @tobilu/qmd during setup. Installing an npm package globally and running it is necessary for the skill's functionality but has moderate risk: it executes third-party package code and triggers model downloads (~2GB) on first run. The model download sources are not enumerated in the skill bundle (they are performed by the qmd tool), so verify the upstream package and its model sources before running.
Credentials
The skill declares no required environment variables or credentials. The setup script uses an optional OPENCLAW_WORKSPACE env var to locate files — that is proportionate. No secrets or tokens are requested or referenced by the skill bundle.
Persistence & Privilege
always:false and no modifications to other skills or global agent configs are present. The skill can start a local MCP server (qmd mcp --http --daemon) which creates a local PID file and listens on localhost:8181; this is a normal capability for sharing memory across co-located agents but does not imply system-wide privilege escalation.
Assessment
This skill appears to do what it says: it installs the QMD CLI, scans and indexes files in your specified workspace, and runs local embeddings and a local re-ranker. Before installing/running setup: 1) Inspect the npm package @tobilu/qmd on the npm registry/GitHub to confirm you trust the upstream publisher; npm -g will execute package install scripts and place a binary on your PATH. 2) Expect ~2GB of model downloads and non-trivial CPU/RAM/disk use during embedding; ensure you are comfortable with the network and storage usage. 3) The setup will scan and index files under your workspace (default ~/.openclaw/workspace) — do not run it against directories that contain secrets you don't want indexed. 4) The skill can start a local MCP server bound to localhost:8181 for multi-agent sharing; this is local-only but review whether you want that service running. 5) Minor inconsistency: skill.json references scripts/add-collection.sh but that file is not present in the bundle — consider that an omission and verify available commands before relying on them. If you have concerns, run the setup in an isolated/sandbox environment or manually run the commands in the scripts after reviewing them.Like a lobster shell, security has layers — review code before you run it.
latestvk9759ektnfgxw7gy4vxcfmd8fx824svq
License
MIT-0
Free to use, modify, and redistribute. No attribution required.