太湖云水务知识库
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill mostly matches a water-equipment knowledge-base assistant, but it has unclear external AI-provider data flow and several persistence/installation details users should review first.
Review the external provider configuration before installing, especially the DashScope embedding endpoint versus the documented OpenAI key. Use environment variables for credentials, verify any missing setup scripts before running them, disable cron jobs unless you need automatic updates, and configure log redaction/retention if users may enter contact details.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Questions typed into the assistant may be transmitted to an unexpected external AI provider.
The query embedding call uses an Aliyun DashScope endpoint, while the setup text describes an OpenAI API key. This means user queries may be sent to a provider that is not clearly disclosed to the user.
OpenAIEmbeddings(
model=EMBEDDING_MODEL,
base_url="https://dashscope.aliyuncs.com/compatible-mode/v1"
)Clearly disclose the embedding provider and data sent, use a provider-specific environment variable, or align the code with the documented provider.
Users may not realize before installation that external API keys are needed and that queries may use those services.
The registry metadata declares no credentials, but SKILL.md setup asks for OPENAI_API_KEY and TAVILY_API_KEY. The keys are purpose-aligned, but the credential contract is under-declared.
Required env vars: none Env var declarations: none Primary credential: none
Declare required or optional API keys in metadata and document exactly which service each key authorizes.
Chat content and contact details may remain in local JSONL audit logs.
The audit logger persists raw inputs and outputs, and the skill's inquiry workflow asks for company, contact person, and phone number. This is disclosed audit behavior, but it can store personal or business data locally.
"user_id": user_id, "input": input_data, "output": output_data, "risk_level": risk_level
Add log retention, access-control, and redaction guidance, especially for phone numbers and company/contact information.
Incorrect or manipulated web content could become part of future knowledge-base answers.
External Tavily search results can be summarized, stored in the local knowledge base, and indexed for future answers. This is purpose-aligned, but untrusted web content can influence later responses.
结果处理:AI总结后以Markdown存入知识库并建立向量索引
Review or source-check newly imported web results before indexing them, and keep citations visible in answers.
Installation may fail or may require obtaining unreviewed files from somewhere else.
The install instructions reference requirements.txt and helper scripts that are not included in the provided file manifest. This looks like packaging drift rather than malicious behavior, but it means the documented setup does not match the reviewed artifacts.
pip install -r requirements.txt python scripts/knowledge_base_import.py python scripts/vector_index_builder.py
Ship the referenced requirements and scripts, or update the documentation to match the included files before users run setup commands.
The assistant's data can keep updating on a schedule after initial setup.
The skill documents optional cron jobs for unattended import, Tavily updates, vector rebuilds, and log cleanup. This is disclosed, but it creates persistent background activity if the user configures it.
cron_job ... 0 3 * * * python /path/to/water-knowledge-assistant/scripts/tavily_update.py
Enable scheduled jobs only if needed, verify the exact scripts and paths, and make sure there is a clear way to disable them.