Knowledge

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill may fail, or it may run unreviewed local/dependency code to access the knowledge base and API service, so the actual behavior cannot be confirmed from these artifacts.

Why it was flagged

All meaningful operations call handle_request, but the provided manifest includes only openclaw_skill.py and SKILL.md; the referenced scripts/openclaw_integration helper is not included or pinned.

Skill content

sys.path.insert(0, str(Path(__file__).parent / "scripts"))
from openclaw_integration import handle_request

Recommendation

Require the publisher to include and review the missing helper module, or verify the exact local scripts/openclaw_integration.py file yourself before installing or invoking the skill.

What this means

Files added to the knowledge base may be reused in later answers or surfaced in document previews, including sensitive content if the user uploads it.

Why it was flagged

The skill advertises adding uploaded files to a persistent local knowledge base, but the artifacts do not describe retention, deletion, exclusions, or how retrieved content should be treated.

Skill content

📤 Feeding feature:
- Upload a file directly to add it to the knowledge base

Recommendation

Only add files you intend to make searchable, keep the knowledge base curated, and confirm how to remove documents and prevent untrusted document text from being treated as instructions.

What this means

A query may be sent to the local API/AnythingLLM path rather than only answered inside the wrapper code, so users should understand where their prompts and document-derived content go.

Why it was flagged

Queries can be automatically routed through the integration handler to the local knowledge base or AnythingLLM mode; the downstream service configuration is not visible in the provided artifacts.

Skill content

params = {'query': query, 'mode': mode, 'auto': True}
result = handle_request('query', params)

Recommendation

Verify that the localhost API and AnythingLLM instance are trusted, local as expected, and configured not to forward sensitive queries to unintended providers.