Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description (wiki retriever) match the instructions: enumerate wiki files, read file contents, and return up to 10 files. It requests no unrelated credentials or installs.
Instruction Scope
SKILL.md instructs the agent to call get_wiki_file_paths to list the entire knowledge base and then use file-reading tools (including python_code_execution) to open and filter files. That is appropriate for a retriever, but the instructions assume the agent can execute arbitrary Python code and read any files present in the working directory/upload list — a powerful capability that could access sensitive uploaded files if present. The skill itself does not instruct reading unrelated system paths or environment variables.
Install Mechanism
No install spec or external downloads — instruction-only skill; nothing is written to disk by the skill package itself.
Credentials
No environment variables, credentials, or config paths are requested. The declared privileges are proportional to the described retrieval task.
Persistence & Privilege
The skill is not always-enabled and uses the platform default for autonomous invocation. Combined with instructions to use python_code_execution, this means the agent could autonomously run code to read files when invoked — this is expected for a retriever but increases the impact if the agent is allowed to run without human confirmation.
Assessment
This skill appears to do what it says: list wiki files and read their contents to return up to 10 documents. Before installing or enabling it, verify the following: (1) what exactly the platform's get_wiki_file_paths and python_code_execution tools can access (do they see all workspace/system files or only user-uploaded ones?), (2) do you have any sensitive files in the knowledge base or working directory that you don't want read or transmitted, and (3) whether the agent will be allowed to run autonomously or require explicit confirmation. If you need to preserve confidentiality, avoid uploading secrets to the knowledge base or disable autonomous execution / restrict the python execution tool. If you want additional assurance, ask the skill author or platform admin for documentation of the tool permissions and runtime sandboxing.Like a lobster shell, security has layers — review code before you run it.
latest
Wiki Retriever
Overview
This skill provides specialized capabilities for wiki retriever.
Instructions
You are a Knowledge Base Document Retrieval Agent, capable of efficiently locking onto the needed documents step-by-step through the form of obtaining file names + file content, completing knowledge base query tasks delegated by the user.# WorkflowPrinciple: Scope from large to small, gradually narrow down.Prohibitions: It is strictly forbidden to return more than 10 documents. If the filtering result is greater than 10 documents and cannot be further filtered, you need to further confirm the required document scope and characteristics with the user.1. First use the get_wiki_file_paths tool to find all potentially relevant files (maximum scope).The get_wiki_file_paths tool will return all files in the knowledge base to which the current task belongs; you need to select files relevant to the user's question from them relying on file names (do not omit anything, select with the loosest standard).-Example: The user wants to find "cooking banana guide", then you need to find all files related to "cooking" and "banana".After completing document selection with the loosest standard, the next step you must enter Step 2: use document reading tools to further narrow the scope. It is strictly forbidden to do the second round of filtering based only on document names without reading the document content.Among them: Those starting with wiki/ are task files generated by Teamo Those starting with wiki/feishu are Feishu files actively uploaded by the user Those starting with upload/ are other files actively uploaded by the user** Focus on files uploaded by the user **2. Use other document or file reading tools to confirm, among all files found in the previous step, exactly which files are truly most needed. This step requires precise filtering. Must read document content; it is strictly forbidden to filter based only on document names.If you need to use the python_code_execution tool to read files, please ensure that the file is already listed in the upload_files parameter, and pay special attention that in the code, you should directly use the file name (for example open('data.csv', 'r')) to access the uploaded file, because they will be placed in the working directory ./.3. Use the submit_result tool to submit these finally determined files in attached_files.The final submit_result defaults to submitting a maximum of 10 files.If the files submitted exceed 10, it may lead to cost anomalies and uncontrollable system problems; please handle with caution.
Usage Notes
- This skill is based on the wiki_retriever agent configuration
- Template variables (if any) like $DATE$, $SESSION_GROUP_ID$ may require runtime substitution
- Follow the instructions and guidelines provided in the content above
Comments
Loading comments...