Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
RAGLite
v1.0.0
Local-first RAG cache: distill docs into structured Markdown, then index/query with Chroma + hybrid search (vector + keyword).
⭐ 0 · 1.3k · 0 current · 0 all-time
MIT-0
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill claims to be a local-first RAG cache (Chroma + ripgrep) but the registry metadata only requires python3/pip; the SKILL.md also lists ripgrep and a reachable Chroma server as prerequisites. The SKILL.md further advertises OpenClaw as the default condensation engine, which implies network interaction outside the local components — this is not reflected in the declared requirements. In short: some required tools and network dependencies the docs mention (rg, OpenClaw gateway) are not declared in the skill metadata.
Instruction Scope
Runtime instructions and the entrypoint script automatically inject '--engine openclaw' when the user does not supply an --engine argument, which will cause the tool to use the OpenClaw gateway by default (possible remote model service). That can result in document content being sent off-machine unless the user explicitly overrides the engine. The SKILL.md mentions OPENCLAW_GATEWAY_TOKEN but the skill does not declare or require that env var — the runtime instructions therefore rely on an undocumented sensitive variable and network endpoint.
Install Mechanism
Installation is via pip from a GitHub repository using the @main ref (git+https://github.com/VirajSanghvi1/raglite.git@main). Installing from an unpinned main branch means you fetch whatever is on that branch at install time (no fixed release, no checksum). pip installing a remote VCS package can execute package install hooks; while common, it is a higher-risk install method than a pinned release from a verified registry.
Credentials
The registry lists no required env vars but the documentation references OPENCLAW_GATEWAY_TOKEN when using the OpenClaw engine. That is a sensitive credential-like variable and should be declared if the skill expects it. Also the skill expects ripgrep and a reachable Chroma server, but these binaries/network services are not declared in the metadata. The mismatch between declared and actual env/network needs is disproportionate and could surprise users.
Persistence & Privilege
The skill does not request permanent inclusion (always:false), does not modify other skills or system-wide settings, and confines installed packages to a skill-local virtual environment. Entrypoint execution is normal for an exec-style skill.
What to consider before installing
Key things to check before installing/using RAGLite:
- Understand the default engine behavior: the provided wrapper script will inject '--engine openclaw' if you don't pass --engine yourself, which causes the tool to use the OpenClaw gateway by default. That may send distilled document content to that gateway — do not run it on sensitive docs unless you trust the gateway and its operator.
- OPENCLAW_GATEWAY_TOKEN is referenced in the docs but not declared in the skill metadata. Treat that as a sensitive credential: only set it if you trust the gateway and understand where requests go.
- The install performs 'pip install git+...@main' (unpinned, tracking the main branch). Review the GitHub repo (https://github.com/VirajSanghvi1/raglite) before installing, and prefer a pinned release tag or commit SHA to avoid unexpected changes. Consider auditing the package's setup and entry points.
- Ensure required local dependencies are present: python3 (3.11+), pip, ripgrep (rg) for keyword search, and a Chroma server if you intend to index locally. The skill metadata only listed python3/pip — install rg yourself if you need keyword matching.
- If you want strictly local operation, explicitly pass a local engine (do not rely on the default) and confirm the tool is not configured to point to a remote Chroma instance or gateway. Run the install in an isolated environment (VM/container) if you want to limit risk.
- If unsure, request the upstream repository URL and review its code (especially any install-time hooks) or ask the provider to publish a tagged release and declare required env vars.
Runtime requirements
🔎 Clawdis
OS: macOS · Linux
Bins: python3, pip
