Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Huo15 Openai Knowledge Base
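v0.8.0
Huo15 knowledge base skill, based on Andrej Karpathy's LLM Knowledge Bases approach. Each WeCom Agent is isolated from the others, and a dedicated knowledge base is created automatically under the Agent's working directory. Trigger words: 知识库 (knowledge base), 入库知识库 (ingest into knowledge base), 查询知识库 (query knowledge base), 编译知识库 (compile knowledge base), 体检知识库 (health-check knowledge base), 同步知识库 (sync knowledge base), 激活知识库 (activate knowledge base).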
by Job Zhao @zhaobod1
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description (agent-isolated knowledge base) matches the included scripts (init, ingest, compile, search, lint, activate, install-all-agents). Nothing in the files requests unrelated cloud credentials or capabilities beyond reading local OpenClaw config and manipulating per-agent kb folders.
Instruction Scope
Runtime instructions and scripts operate on agent KB directories (~/.openclaw/agents/{agent}/agent/kb), generate prompts for LLM compilation, and instruct use of OpenClaw to call LLMs. They also include an optional admin helper (install-all-agents.sh) that will initialize KBs for all agents when run. Scripts read local models.json (to obtain provider config) and agent files, which is consistent with the stated purpose but worth noting.
Install Mechanism
This is an instruction-only skill (no install spec). It includes many shipped scripts which will be placed under the skill folder when installed. There is no remote download/install step in the spec, so no high-risk external install mechanism detected.
Credentials
The skill declares no required env vars, but the scripts use AGENT_DIR (fallback to ~/.openclaw/agents/...) and the Python tool loads models.json from agent or main agent to obtain provider baseUrl and apiKey. Access to local LLM provider credentials is proportional and expected for performing LLM calls; no unrelated secrets are requested.
Persistence & Privilege
always:false and normal autonomous invocation are used. The skill will create and write files under agents' agent/kb/ directories and the admin script (install-all-agents.sh) can initialize KBs across all agents — this is expected for an admin operation but is a potentially wide-impact action if run unintentionally.
Assessment
This skill appears to do what it says: create per-agent knowledge directories, ingest documents, generate LLM compilation prompts, and call the LLM provider configured in your local OpenClaw models.json. Before installing or running scripts, consider: (1) models.json contains your LLM provider baseUrl and apiKey; the skill will read and use those to call that provider, so ensure the provider endpoint is trusted; (2) the scripts will create and write files under ~/.openclaw/agents/... (and install-all-agents.sh will modify every agent directory it finds); back up agent data if needed and avoid running the admin script unless you intend to initialize all agents; (3) some scripts assume tools like node and use platform-specific sed flags (portability issues); review and test in a safe environment; (4) if you have sensitive data in agent folders, be aware the skill will read/write inside those agent directories as part of normal operation. Overall, nothing is disproportionate or covert, but review models.json and run the admin script only with deliberate intent.
Like a lobster shell, security has layers: review code before you run it.
latest vk975xq5sgghfn6y1xavrf4k0hs84e5hb
