Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Sumo Notebook RAG
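v1.0.0
Searches the SumoNoteBook knowledge base and returns previews of the top three text passages relevant to the query, for use as reference material.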
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
Stated purpose (search SumoNoteBook .md files and return top-3 results) matches the steps in SKILL.md. However, the skill implicitly requires local components (Ollama embedding endpoint, LanceDB vector DB, Node scripts, and a specific Windows directory) that are not declared in the registry metadata. The declared 'no required binaries/envs' is therefore incomplete.
Instruction Scope
Runtime instructions explicitly direct the agent to read local file-based knowledge (SumoNoteBook .md files), call a local Ollama endpoint (http://localhost:11434), and use LanceDB located under the agent's memory path (and a Windows path is referenced). These file and service accesses are within the described search purpose but are sensitive (reading many local files) and the instructions assume availability of specific scripts and paths on the host system.
Install Mechanism
No install spec and no code files are included, which limits disk writes by the skill itself. That lowers risk compared with an installer that downloads and executes arbitrary code. However, the skill assumes external components are already installed (Ollama, Node, LanceDB) but does not declare them.
Credentials
The skill declares no required environment variables or credentials, which aligns with a local-only knowledge retrieval tool. But it expects access to local directories and services (localhost Ollama, C:\butler_sumo, ~/.openclaw/lancedb-pro). Access to these paths and services can expose sensitive local data; the lack of explicit dependency declarations is misleading and hinders a correct risk assessment.
Persistence & Privilege
always:false (not force-included) and no indications the skill modifies other skills or global agent config. Autonomous invocation is allowed (platform default), which is expected for skills of this type but increases blast radius if the skill is granted broad local file access.
What to consider before installing
This skill appears to be a local knowledge-base searcher, but the SKILL.md assumes you already have: a running Ollama daemon (http://localhost:11434), LanceDB with a sumo_notebook table, Node.js, and the two Windows scripts under C:\butler_sumo\... — none of which are declared in the metadata. Before installing or enabling:
1) Verify those paths and scripts exist on the host and inspect the script contents (ingest_notebook.mjs, query_notebook.mjs) so you know what they read/transmit.
2) Confirm you are comfortable the agent will read the specified local markdown files (these may contain sensitive data).
3) Ensure Ollama and LanceDB are trusted and correctly configured (they run locally but may expose data if misconfigured).
4) If you expect this to run on a non-Windows host or in a sandbox, update the skill metadata to list required binaries (node, Ollama), paths, and any network endpoints; ask the publisher to correct the missing dependency declarations.
If the author can provide an install spec or explicit list of required components and an explanation of why those specific local paths are needed, that would reduce the ambiguity and could change this assessment.
Like a lobster shell, security has layers — review code before you run it.
latestvk970j9g3jzdqzk2ne85typvq5s84bvar
