Safety Report

OpenClaw Knowledge Runtime

Name: OpenClaw Knowledge Runtime
Author: wanng-ide

Build a standalone layered knowledge runtime with typed links across knowledge entries, entities, memories, and reusable assets. Use when designing or implem...

246Downloads

4Installs

0Stars

3Versions

Notes & Knowledge2,087 Design & Prototyping2,077

Security Analysis

high confidence

Clean0.04 risk

The skill's declared purpose, instructions, and included code are internally consistent and proportional: it defines a local, standalone knowledge runtime using local file paths and adapter surfaces and requests no credentials or installs.

Mar 18, 20266 files1 concern

Purpose & Capabilityok

Name/description match the actual contents: documentation and a tiny index.js implement a standalone knowledge/runtime design. Required artifacts (storage files, adapters, record types) align with the stated goal; nothing asks for unrelated cloud credentials or external services.

Instruction Scopenote

SKILL.md confines activity to building queries, reading layered stores, one‑hop link expansion, ranking, and writing back only stable findings. It references default local storage paths under memory/knowledge/*. This is appropriate for a local runtime, but the instructions imply the agent will read and (occasionally) write files in those locations when integrated — verify host adapters constrain what gets read/written and avoid dumping raw logs or sensitive data into the store.

Install Mechanismok

No install spec. The skill is instruction-only plus a small index.js and docs; nothing downloads or executes external installers or archives.

Credentialsok

No required environment variables, credentials, or config paths are declared. The runtime uses only local file paths and adapter interfaces as described — proportional to the stated functionality.

Persistence & Privilegeok

always is false and the skill does not request persistent platform privileges. It describes write-back behavior but leaves actual persistence to the host through adapters; no self-enabling or cross-skill configuration changes are present.

Guidance

This skill appears coherent and local-only, but before installing: (1) confirm where the host will place and permission the memory/knowledge/* files so sensitive information isn't written to an insecure location; (2) review any host adapter code that integrates this runtime (query_builder, retrieval_selector, write_back) to ensure it filters sensitive inputs and enforces write-back rules; (3) when deploying in production, enforce retention/rotation and access controls on the knowledge store and audit what the skill writes to avoid accidentally persisting raw logs or secrets.

Latest Release

v1.0.2

Add a storefront README and usage examples for clearer ClawHub presentation

Popular Skills

self-improving-agent

@pskoett · 1,456 stars

Gog

@steipete · 672 stars

Tavily Web Search

@arun-8687 · 620 stars

Find Skills

@JimLiuxinghai · 529 stars

Proactive Agent

@halthelobster · 426 stars

Summarize

@summarize · 415 stars

Published by @wanng-ide on ClawHub