ClawHub

Deepvista Recipe Import Files

v0.1.0-alpha.18

Recipe: Import files from the current directory (recursively) as context cards in DeepVista. TRIGGER when: user wants to import files as cards, "index this f...

0· 48·1 current·1 all-time
byJing Conan Wang@jingconan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description ask to import files into DeepVista and the skill requires the deepvista binary and installs deepvista-cli; that is proportionate and expected.
Instruction Scope
Instructions explicitly walk the agent to recursively find and read local files and call `deepvista card create --content-file <absolute-path>` to upload them. This is within the stated purpose, but it implies bulk exfiltration of any matched files (including secrets) unless the agent/user excludes them. The SKILL.md warns to confirm and to exclude noise dirs, but does not explicitly call out sensitive files like .env, secret keys, or credential stores.
Install Mechanism
Install uses the declared 'uv' package (deepvista-cli) which creates the deepvista binary. No arbitrary URL downloads or extract-from-unknown-host indicators are present in this recipe.
Credentials
This skill declares no env vars or credentials itself, which is appropriate. However it references deepvista-shared for auth and global flags — that related skill likely handles credentials (API key/token). You should review deepvista-shared to see what secrets are required and where they are stored.
Persistence & Privilege
The skill is not always:true, does not request elevated or persistent system-wide privileges, and does not modify other skills' configs. It is user-invocable and can be invoked autonomously by the agent (the platform default).
Assessment
This recipe will read many files from the scanned directory and upload their contents to your DeepVista account. Before running: 1) Confirm the exact directory, file-extension filters, and explicit exclusions (add .env, secret keys, config files, SSH keys, and any credential stores to exclusions). 2) Review the deepvista-shared skill to see what credentials/endpoints will be used and where they are stored. 3) Test on a small subset of non-sensitive files first. 4) Prefer importing only specific subdirectories (e.g. src/) rather than the entire repo. If you need guarantees about not uploading secrets, do not run a full recursive import until you have audited the directory contents.

Like a lobster shell, security has layers — review code before you run it.

Plugin bundle (nix)
Skill pack · CLI binary · Config
SKILL.mdCLIConfig
CLI help (from plugin)
deepvista card create --help
latestvk977p3qqf8fx7xn1kwrnjyg13184kg7y

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsdeepvista

Install

uv
Bins: deepvista
uv tool install deepvista-cli

Comments