ClawHub

Fox Ontology

v1.0.0

Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...

0· 57·2 current·2 all-time
by@tihuaqin-commits
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (typed knowledge graph for agent memory) match the provided SKILL.md and the included Python script: all operations (create/query/relate/validate) operate on a local JSONL graph and schema files. There are no unrelated required binaries or environment variables.
Instruction Scope
Runtime instructions operate on local storage (memory/ontology/graph.jsonl and schema.yaml) and describe entity CRUD, validation, and graph-based planning. The SKILL.md does not instruct the agent to read arbitrary system files or exfiltrate data. It recommends referencing secrets via secret_ref rather than storing secrets in plain properties; however this is guidance only (no external secret integration is implemented).
Install Mechanism
No install specification present (instruction-only with a script file). Nothing is downloaded or executed from external URLs and no package managers are invoked.
Credentials
The skill declares no required environment variables, credentials, or config paths. Example schema fields reference secret references (e.g., keychain:github-token) but the skill does not request or manage those secrets itself.
Persistence & Privilege
The skill is not force-installed (always:false) and does not request elevated platform privileges. It writes data to a workspace-local path (memory/ontology/graph.jsonl) which is appropriate for a local ontology; the included resolve_safe_path helper enforces staying inside the workspace root (reduces risk of path traversal).
Assessment
This skill appears internally consistent and implements a local, append-only ontology stored under memory/ontology/graph.jsonl. Before installing/use: (1) review the full scripts/ontology.py to confirm the truncated portions match the same local-only behavior; (2) be careful not to store raw secrets in entity properties—use secret_ref patterns and your own secret store instead (the skill only documents that practice; it does not enforce external secret storage); (3) note the skill writes files under your workspace (memory/ontology); if that is sensitive, choose a secure location or restrict access; (4) there is a small metadata mismatch in the bundled _meta.json ownerId vs the registry owner id—likely benign but worth noting. Overall the skill is coherent with its stated purpose.

Like a lobster shell, security has layers — review code before you run it.

latestvk97efer191x8xc1j5rtdab3x5h83tnmw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments