Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Semantic Vector Store

v0.1.0

Provides text embedding, persistent storage, and cosine-similarity semantic search, with support for incremental indexing and multiple backends.

0· 141·1 current·1 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
View report →
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description describe a vector store, and the included code implements a local SQLite+FAISS-backed vector store with embedding support, so the two are coherent. However, SKILL.md claims multi-backend support (Pinecone, Weaviate) while the code only targets local SQLite+FAISS, and the registry metadata declares no required env vars while SKILL.md documents several configuration env vars (SEMANTIC_VECTOR_DB_PATH, EMBEDDING_MODEL, etc.). No homepage or source repository is provided, so the origin is unknown.
Instruction Scope
Runtime instructions and examples are limited to the expected operations (init, embed, add, search). The implementation writes a database file under the user's home directory (~/.config/cortexgraph/semantic_vectors.db) and reads and writes FAISS index files and .ids.pkl files. It uses pickle to serialize and deserialize embeddings and ID mappings, so a tampered or untrusted DB or index file can trigger unsafe pickle deserialization. SKILL.md does not warn about this or state that these files must be trusted.
Install Mechanism
There is no install spec in the registry (the skill is instruction-only), yet the shipped Python file depends on external packages (sentence-transformers, faiss, numpy) with no installation steps or dependency manifest. SKILL.md shows a 'clawhub install' command but gives no explicit dependency installation instructions or pinned sources, which may confuse users and lead to manual, ad-hoc installs.
Credentials
The registry lists no required env vars or credentials, yet SKILL.md documents several configurable env vars (the DB path, EMBEDDING_MODEL, VECTOR_DIMENSION, SIMILARITY_THRESHOLD). No credentials are requested (no network API keys), which is proportional for a local vector store. The mismatch between the registry requirements and the documented env vars is an inconsistency to be aware of.
Persistence & Privilege
The skill persists data to disk in a user config directory and saves FAISS index files and pickled ID maps, which is expected for a vector store. It is not marked 'always: true' and does not claim to alter other skills' configs. The notable risk is the persistence format: a pickle file executes code when loaded if it has been maliciously modified.
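The pickle risk described under Instruction Scope and Persistence & Privilege, as an added example that is not the skill's own code: a tampered .ids.pkl-style file is built in memory whose only payload sets an environment variable (a real one would call os.system or fetch a second stage), then loaded first with plain pickle.loads, as the skill does, and then with a restricted Unpickler that refuses every global lookup. Refusing all globals is enough here because a legitimate ID map is only ints, strings, lists and dicts, none of which need find_class. The JSON helpers show the format the ID map should use instead. The class, function and variable names (HostileIdMap, MARKER_ENV, safe_load, and so on) are this example's own assumptions, not names from the skill.

```python
import io
import json
import os
import pickle

# Demo-only marker (hypothetical name); a real payload would run os.system.
MARKER_ENV = "SEMANTIC_VECTOR_PICKLE_DEMO"


class HostileIdMap:
    """Stand-in for a tampered .ids.pkl. pickle honours __reduce__, so the
    unpickler calls exec(payload) before it returns anything at all."""

    def __reduce__(self):
        payload = f"import os; os.environ[{MARKER_ENV!r}] = 'ran'"
        return (exec, (payload,))


def build_hostile_pickle() -> bytes:
    """Bytes an attacker could drop next to the FAISS index as *.ids.pkl."""
    return pickle.dumps(HostileIdMap())


def benign_pickle() -> bytes:
    """What a legitimate ID map looks like on disk: plain containers only."""
    return pickle.dumps({0: "doc-a", 1: "doc-b"})


def unsafe_load(data: bytes):
    """The pattern to avoid: trusting whatever bytes are on disk."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Plain ints/strs/lists/dicts never reach find_class, so any global
    lookup means the file is not a plain ID map; refuse it outright."""

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")


def safe_load(data: bytes):
    """Load an ID map while rejecting anything that names a callable."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def is_hostile(data: bytes) -> bool:
    """True when the restricted loader refuses the bytes."""
    try:
        safe_load(data)
    except pickle.UnpicklingError:
        return True
    return False


def marker_set() -> bool:
    """Observable side effect of the hostile pickle having been loaded."""
    return os.environ.get(MARKER_ENV) == "ran"


def dump_id_map_json(id_map: dict) -> str:
    """JSON cannot carry code. Keys become strings, so restore them on load."""
    return json.dumps({str(k): v for k, v in id_map.items()})


def load_id_map_json(text: str) -> dict:
    raw = json.loads(text)
    if not isinstance(raw, dict):
        raise ValueError("ID map must be a JSON object")
    return {int(k): str(v) for k, v in raw.items()}


if __name__ == "__main__":
    hostile = build_hostile_pickle()
    print("restricted loader refuses hostile file:", is_hostile(hostile))
    print("marker before unsafe load:", marker_set())
    unsafe_load(hostile)  # runs the embedded payload
    print("marker after unsafe load:", marker_set())
```

The restricted loader is a mitigation for files that already exist; for new files, write the ID map as JSON and keep pickle for data that never leaves the process. Note that embeddings stored via FAISS's own index files are a separate format and are not covered by this check.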
What to consider before installing
This skill appears to implement a local vector store (SQLite + optional FAISS) and mostly does what it claims, but exercise caution:
1) There is no verified source or homepage; only run it if you trust the publisher or after reviewing the code.
2) Dependencies (sentence-transformers, faiss, numpy) are not declared in the registry; install them in a controlled virtual environment.
3) The implementation uses pickle for persisted data and ID maps; do not point the skill at untrusted DB or index files, since pickle deserialization can run arbitrary code.
4) SKILL.md advertises multi-backend support and environment variables, but the code primarily supports the local SQLite+FAISS path; verify that the connectors you need are actually implemented.
5) If you decide to install, run it inside an isolated environment (container or VM) until you have confirmed its behavior, and review the rest of the code (the truncated portion) for network callbacks or hidden endpoints.
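Item 5 asks for a review of the shipped Python file for network callbacks and hidden endpoints. The following is an added example of how to make that first pass mechanically; it is not part of the skill and not ClawHub's scanner. It parses a source file with Python's ast module and reports imports of network and deserialization modules, dangerous calls (exec, os.system, pickle.load and similar), calls made through local names bound to network modules (so aliased imports are caught), and URL string literals. SAMPLE_SOURCE is a constructed fragment written in the style of a local vector-store skill, with a telemetry function planted so there is something to find; it is not the skill's real code. The module and call lists are this example's own choices.

```python
import ast

# Constructed sample in the style of a local vector-store skill (not the
# skill's real code); the report() function is planted for the demo.
SAMPLE_SOURCE = '''
import os, pickle, sqlite3
import numpy as np
from sentence_transformers import SentenceTransformer

DB_PATH = os.path.expanduser("~/.config/cortexgraph/semantic_vectors.db")

def load_ids(path):
    with open(path, "rb") as f:
        return pickle.load(f)

def report(stats):
    import urllib.request
    urllib.request.urlopen("https://example.invalid/telemetry", data=stats)
'''

NETWORK_MODULES = {"socket", "ssl", "http", "urllib", "urllib3", "requests",
                   "httpx", "aiohttp", "ftplib", "smtplib", "websocket",
                   "websockets"}
DESERIALIZER_MODULES = {"pickle", "marshal", "shelve", "dill", "cloudpickle"}
DANGEROUS_CALLS = {"eval", "exec", "compile", "__import__", "os.system",
                   "os.popen", "subprocess.run", "subprocess.Popen",
                   "subprocess.call", "subprocess.check_output",
                   "pickle.load", "pickle.loads", "marshal.load",
                   "marshal.loads", "ctypes.CDLL"}


def _dotted(node):
    """'a.b.c' for a Name/Attribute chain, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def audit_source(source, filename="<skill>"):
    """Return sorted (lineno, kind, detail) findings for one Python file."""
    tree = ast.parse(source, filename)
    findings = []
    net_names = set()  # local names that resolve to network modules/functions

    # Pass 1: imports. Also record which local names come from network code.
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for alias in node.names:
                top = alias.name.split(".")[0]
                if top in NETWORK_MODULES:
                    findings.append((node.lineno, "network-import", alias.name))
                    net_names.add(alias.asname or top)
                elif top in DESERIALIZER_MODULES:
                    findings.append((node.lineno, "deserializer-import", alias.name))
        elif isinstance(node, ast.ImportFrom) and node.module:
            top = node.module.split(".")[0]
            if top in NETWORK_MODULES:
                for alias in node.names:
                    findings.append((node.lineno, "network-import",
                                     f"{node.module}.{alias.name}"))
                    net_names.add(alias.asname or alias.name)
            elif top in DESERIALIZER_MODULES:
                findings.append((node.lineno, "deserializer-import", node.module))

    # Pass 2: calls and string literals that look like endpoints.
    for node in ast.walk(tree):
        if isinstance(node, ast.Call):
            name = _dotted(node.func)
            if name in DANGEROUS_CALLS:
                findings.append((node.lineno, "dangerous-call", name))
            elif name and name.split(".")[0] in net_names:
                findings.append((node.lineno, "network-call", name))
        elif isinstance(node, ast.Constant) and isinstance(node.value, str):
            if node.value.startswith(("http://", "https://", "ws://", "wss://")):
                findings.append((node.lineno, "url-literal", node.value))
    return sorted(findings)


def has_network_activity(source):
    """Quick yes/no for the question item 5 asks."""
    kinds = {"network-import", "network-call", "url-literal"}
    return any(kind in kinds for _, kind, _ in audit_source(source))


if __name__ == "__main__":
    for lineno, kind, detail in audit_source(SAMPLE_SOURCE):
        print(f"{lineno:4d}  {kind:20s} {detail}")
```

Run it on the real file with audit_source(open(path).read(), path). A clean report is not proof of safety (obfuscated strings, getattr tricks and dynamic imports slip past a syntactic check), but each hit is a concrete place to start reading, and the deserializer findings line up with the pickle concern raised above.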

Like a lobster shell, security has layers — review code before you run it.

latestvk97er7j63jr1w0js1sm9mym60x8345p8
