Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Knowledge Engine
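v0.3.2
Personal knowledge engine. Search existing concepts, add new concepts (with automatic deduplication), view belief states, run knowledge distillation, and generate visual graphs. Use it when you need to: (1) look up previously accumulated knowledge and insights (2) record new learning and thinking (3) track changes in beliefs (4) distill higher-level patterns from fragmentary concepts (5) visualize the knowledge graph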
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description align with the included code: the package implements concept CRUD, beliefs, distillation, visualization and a Python API. However, the code's default data paths climb multiple directories (DB_PATH and memory/ paths use ../../..), which likely creates a memory/ directory outside the skill folder (e.g., workspace-level memory). That is disproportionate to a self-contained skill and could persist data in a shared location unless overridden by KNOWLEDGE_DB.
Instruction Scope
SKILL.md instructs the agent to run the included Python scripts (search/add/link/synthesis/visualize). Those scripts operate on local SQLite and JSON files and log usage queries. This stays within the stated purpose, but the runtime instructions and scripts will create/modify files on disk and record query text (usage_log). Also SKILL.md claims 'no network' and 'pure stdlib'; visible code matches that so far, but several files were truncated in the package listing so hidden network I/O can't be fully ruled out.
Install Mechanism
There is no install spec in the registry entry (instruction-only). README suggests cloning or using an external installer (npx clawhub), but the skill bundle itself has no automated installer and uses only standard Python scripts — low install risk. No downloads or extract operations in the package metadata.
Credentials
The skill declares no required environment variables or credentials. The code does read an optional KNOWLEDGE_DB env var to override storage location, which is reasonable. No other credentials or external-service tokens are requested.
Persistence & Privilege
The scripts write persistent data (SQLite DB and JSON concept/belief files). The default DB_PATH and directories are computed by stepping three levels up from scripts/ to place memory/ at a higher-level path; that can cause files to be created outside the skill directory (potentially shared workspace memory). visualize.py is said to write to ~/Desktop and there is a screenshot.py file included — these indicate file writes to user locations and possible access to the display. The skill is not marked always:true, but it still gains persistent file-write capability which is broader than a pure read-only helper.
What to consider before installing
This skill largely matches its stated purpose (a local knowledge engine) and uses only Python standard libraries, but take a few precautions before installing or enabling it:
- Review and, if needed, override the storage path: the default DB_PATH builds a memory/ directory by moving up three directories from scripts/, which can create files outside the skill folder (workspace-level memory). Set KNOWLEDGE_DB to a safe path (inside a sandbox or the skill folder) before first run.
- Inspect the remaining/truncated source files (especially scripts/screenshot.py, visualize.py, and any omitted files) to confirm they do not perform unexpected network I/O or capture sensitive data. screenshot.py in particular could access the screen or create images; only accept it if you expect that behavior.
- Expect the skill to persist queries and concept data locally (usage_log stores queries). If you will store sensitive notes, consider encrypting the storage or running the skill in a restricted directory.
- Run the skill in a sandbox or test environment first (e.g., a throwaway workspace) to confirm where files are written and what gets created (memory/, knowledge.db, Desktop output). Verify the generated files and permissions.
- If you plan to let other agents call the ke API, remember that any agent with access can read the stored knowledge; only allow trusted agents to use this skill.
If you want, I can: (1) inspect the truncated files (provide their contents) for network calls or risky operations, or (2) suggest a safe configuration (exact KNOWLEDGE_DB and directory layout) to limit where the skill writes data.
Like a lobster shell, security has layers — review code before you run it.
latestvk97ba836kxynnfqyxxrvvf5mmd83r49b
