ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

aupu-knowledge-base

v1.0.1

当用户提及任何与本地文档、知识库、参考资料、历史记录、配置文件、说明文档、内部资料、已有内容、文件创建/读取等相关需求时,必须使用本技能从 /mnt/data 目录中检索或操作文件。

0· 291·1 current·1 all-time
byjianyi@jianeasy

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for jianeasy/aupu-knowledge-base.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "aupu-knowledge-base" (jianeasy/aupu-knowledge-base) from ClawHub.
Skill page: https://clawhub.ai/jianeasy/aupu-knowledge-base
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install aupu-knowledge-base

ClawHub CLI

Package manager switcher

npx clawhub@latest install aupu-knowledge-base
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description claim local knowledge-base access under /mnt/data, and the SKILL.md indeed instructs exactly that. No unrelated binaries, credentials, or installs are requested — the purpose and required capability are aligned.
!
Instruction Scope
The instructions require the agent to automatically scan /mnt/data and subdirectories for many file types and to trigger on a wide set of common keywords (e.g., '文档', '记录', '参考', '在哪里找', etc.). It explicitly says to attempt a lookup even when the user did not mention /mnt/data or a filename. That gives the skill broad discretion to read arbitrary local files and to activate frequently on ambiguous user input — this is scope creep relative to explicit, user-authorized file access.
Install Mechanism
Instruction-only skill with no install spec or code files. This is low-risk from an installation perspective (nothing gets written or executed on disk by an installer).
Credentials
No environment variables, credentials, or config paths are requested. However, the skill implicitly requires broad read access to the host's /mnt/data filesystem (and expects WebDAV mounts). That level of filesystem access can expose unrelated sensitive files; the skill does not declare any limits or filters to reduce that exposure.
!
Persistence & Privilege
always:false (good), but autonomous invocation is allowed (default). Combined with the aggressive trigger rules, the skill can be invoked frequently and will read local files whenever common keywords are used. Autonomous invocation alone is normal, but here it increases the risk because triggers are broad and file access is unrestricted.
What to consider before installing
This skill will actively search and read files under /mnt/data whenever users mention many common terms (documents, manuals, deploy steps, templates, '有没有', '在哪里找', etc.), even if the user did not explicitly ask to read local files. Before installing: - Confirm whether /mnt/data contains any sensitive or private files (credentials, secrets, personal data). If it does, do not enable this skill without restricting its access. - Prefer a mode requiring explicit user consent or an explicit file-path input before any file read. - Limit triggers to narrower, more specific phrases or require an explicit opt-in step. - Test the skill in a sandboxed environment with only non-sensitive sample files. - If you must use it, log/monitor what files it reads and consider running the agent under a sandbox or with a filesystem permission boundary so the skill cannot access unrelated data. Given these broad automatic-scan rules, treat the skill as potentially privacy-invasive unless you can constrain or audit its file access.

Like a lobster shell, security has layers — review code before you run it.

latestvk97afed848jappk9cbs166fp4n839gs9
291downloads
0stars
2versions
Updated 10h ago
v1.0.1
MIT-0
jianyi@jianeasy
latest
Download

知识库访问技能(Knowledge Base Access)

🚀 触发条件(高优先级)

只要用户表达出以下任一意图,立即启用本技能

  • 提到“知识库“、“文档”、“文件”、“资料”、“说明”、“手册”、“记录”、“历史”、“配置”、“模板”等词
  • 询问“有没有…”、“在哪里找…”、“之前说过…”、“根据…”、“参考…”
  • 要求“创建一个基于现有内容的文件”、“从文档中提取…”、“总结一下资料”
  • 涉及项目、产品、流程、规范、政策、日志、数据等具体实体,且未提供完整上下文
  • 用户请求看似“常识性”,但可能对应内部定制化内容(如“部署步骤是什么?”)

💡 即使用户没有明确写出 /mnt/data 或文件名,也应默认尝试在此目录中查找!

🔍 功能说明

所有结构化或非结构化知识均存储于:
📁 /mnt/data/

系统必须优先从此目录读取真实内容,而非依赖模型内置知识或猜测。

✅ 使用规范

  • 自动扫描 /mnt/data/ 及其子目录(支持 .pptx, .md, .txt, .json, .yaml, .csv, .pdf 等)
  • 若找到多个候选文件,优先选择路径最匹配、文件名最相关的
  • 若未找到,回复:“未在本地知识库(/mnt/data)中找到相关内容,请确认文件是否存在。”
  • 禁止编造不存在的文档内容

🌟 示例(扩大触发场景)

用户输入正确响应
“怎么部署服务?”检查 /mnt/data/docs/deployment.md 或类似文件
“有用户手册吗?”查找 /mnt/data/manuals/ 下的 PDF 或 Markdown
“上次会议纪要发我一下”搜索 /mnt/data/meetings//mnt/data/records/
“生成一个 API 调用示例”若存在 /mnt/data/examples/api/,从中提取模板
“公司有哪些部门?”检查 /mnt/data/org/structure.jsondepartments.md
“写个 README”查看 /mnt/data/templates/README.md 是否存在

⚠️ 注意事项

  • WebDAV 挂载点必须处于活跃状态
  • 文件名和路径区分大小写
  • 优先解析结构化格式(JSON/YAML/Markdown),提升准确性
  • 宁可多查,不可不查:不确定时,先查 /mnt/data

启用后,任何涉及“信息查询”、“内容生成依据”、“文件操作”的请求,默认关联本技能

Comments

Loading comments...