Chroma Vector Db

v0.1.0

Chroma 向量数据库：Rust 内核（v1.0.0+ 重写，2025-03），多语言客户端SDK。单节点用 PersistentClient（SQLite + 本地 HNSW）或 EphemeralClient（内存）；分布式 / 云用 SPANN + BLOCKFILE on S3/GCS。 Chroma...

⭐ 0· 72·0 current·0 all-time

byTang Weigang@tangweigang-jpg

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for tangweigang-jpg/chroma-vector-db.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Chroma Vector Db" (tangweigang-jpg/chroma-vector-db) from ClawHub.
Skill page: https://clawhub.ai/tangweigang-jpg/chroma-vector-db
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install chroma-vector-db

ClawHub CLI

Package manager switcher

npx clawhub@latest install chroma-vector-db

Security Scan

Capability signals

CryptoRequires sensitive credentials

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

SKILL.md/metadata present this as an AI-engineering knowledge skill that requires 'no installation' and declares no binaries or env vars, yet the included seed.yaml and preconditions clearly expect python3, SQLite (≥3.35.0), the zvt package, writable ZVT_HOME (~/.zvt), and potentially a Rust toolchain or Docker for server builds. These runtime needs are not declared in the skill manifest, which is inconsistent.

Instruction Scope

The instructions tell the host agent to re-read seed.yaml on any behavioral decision, run precondition shell checks (python -c 'import zvt', touch files, assert K-data present), and consult LATEST.yaml/LATEST.jsonl for traceback. Those steps involve executing host-side commands and reading/writing local filesystem paths — scope beyond a simple 'knowledge' skill and not limited to the stated purpose.

✓

Install Mechanism

No install spec or archive downloads are included (instruction-only). This minimizes supply-chain risk because nothing is automatically written or fetched by the skill itself.

Credentials

The manifest lists no required environment variables or credentials, yet instructions reference ZVT_HOME, require SQLite/Python, and mention optional hosted embedding provider API keys. The absence of declared env requirements while expecting to access local config and optional provider keys is disproportionate and inconsistent.

ℹ

Persistence & Privilege

always:false and no install actions are declared (good). However, the seed.yaml's execution_protocol and workspace_resolution assume filesystem access and may cause repeated host-side checks; autonomous invocation is allowed (default) which increases blast radius if the host grants filesystem/command execution privileges. The skill does not request permanent inclusion or modify other skills.

What to consider before installing

This skill is instruction-only and sourced with no homepage; before installing consider: (1) It will ask the host agent to run Python/SQLite/zvt checks and touch files like ~/.zvt — run it only in an isolated environment or sandbox. (2) The skill manifest does not declare required binaries or env vars even though seed.yaml requires them — ask the publisher to provide a clear requirements list (python3 >=3.9, SQLite >=3.35, zvt, any provider API keys) and to confirm which host files will be read/written. (3) Seed.yaml may require reading LATEST.yaml / LATEST.jsonl; ensure those files don't contain secrets or sensitive configs before letting the agent access them. (4) If you need lower risk, request a version that documents required host commands and that can run in a container, or run the skill manually after inspecting seed.yaml and its referenced files. I have medium confidence due to the manifest/instruction mismatch; providing an explicit requirements manifest and confirmation that no external endpoints are contacted would raise confidence toward 'benign'.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Primary envknowledge

aivk97dgmqhyexc7nwgh5xb0qr9nh85gj8xdatavk97dgmqhyexc7nwgh5xb0qr9nh85gj8xlatestvk97dgmqhyexc7nwgh5xb0qr9nh85gj8xmlvk97dgmqhyexc7nwgh5xb0qr9nh85gj8x

72downloads

0stars

1versions

Updated 3d ago

v0.1.0

MIT-0

这个 skill 适合什么用户？能做哪些任务？

概览

Chroma 是 Rust 内核的开源向量数据库（github.com/chroma-core/chroma，v1.0.0+ 2025-03 重写）。单节点模式用 PersistentClient（SQLite 元数据 + 本地 HNSW 索引）或 EphemeralClient（内存）；分布式 / 云模式用 SPANN 索引+ 自研 BLOCKFILE 存储 on S3/GCS。

数据路径：Client Factory → API 层（v1.0.0 起 Rust 默认）→ Segment 层（本地 2 段 / 分布式 3 段）→ Index（HNSW 或 SPANN）→ 持久化。Embed...

Doramagic 晶体页: https://doramagic.ai/zh/crystal/chroma-vector-db

知识规模

52 条约束 (3 fatal + 49 non-fatal)
上游源码: chroma-core/chroma @ commit 598f85f0
蓝图 ID: finance-bp-138

用法

Host AI（Claude Code / Cursor / OpenClaw）读 references/seed.yaml，按其中的：

intent_router 匹配用户意图
architecture 理解项目架构
constraints 应用 anti-pattern 约束
business_decisions 参考核心设计决策

FAQ 摘要

这个 skill 适合什么用户？能做哪些任务？

适合需要向量数据库支持 RAG / 推荐 / 语义搜索的工程师：原型开发用EphemeralClient，本地小规模用 PersistentClient，生产分布式用云SPANN。25+ EmbeddingFunction 一键切换。访问 doramagic.ai/r/chroma 查看完整用例。

需要准备什么环境？依赖什么？

SQLite ≥ 3.35.0 是硬要求（chromadb/init.py:137-155 检查并 raise，Colab 自动 hot-swap 到 pysqlite3-binary）。Python ≥ 3.9。服务端 / 分布式需要 Rust 工具链或预构建 docker。可选：hosted EF 的 provider API key（OpenAI / Cohere 等）。

会踩哪些坑？这个 skill 怎么防护？

本 skill 内置 52 条约束（3 条 fatal）。典型踩坑：(1) cosine 实现实际是 1 - dot(a,b)，假定向量预归一化——未归一化数据score 会偏；(2) v1.0.0 Rust 默认静默忽略 4 个旧 Python 设置（chroma_server_nofile 等）——配置文件没报错但不生效；

完整文档: 见 references/seed.yaml (v6.1 schema). 浏览页: https://doramagic.ai/zh/crystal/chroma-vector-db

Comments

Loading comments...