Qmd

SKILL.md describes a local CLI (qmd) for indexing/search and the metadata asks for the qmd binary and provides a node-based install from a GitHub repo—this is generally coherent. However the instructions reference an environment variable (OLLAMA_URL) for embeddings/rerank but the skill declares no required env vars; that mismatch should be clarified.

Runtime instructions are limited to executing qmd commands (index/update/search/get/mcp) and note index location (~/.cache/qmd). They do not instruct broad system access or exfiltration in themselves. They do rely on the qmd binary performing file IO and contacting an embeddings service (Ollama).

The embedded metadata suggests installing a node package from a GitHub URL (https://github.com/tobi/qmd). Pulling code from a GitHub repo is common but still executes third-party code on install — moderate risk compared to using a vetted package registry or release artifact. The SKILL.md itself contains no code, so the install step would create the runtime footprint.

The instructions reference OLLAMA_URL (default http://localhost:11434) for embeddings/rerank but the skill lists no required environment variables. That omission hides a meaningful external dependency. If a user sets OLLAMA_URL to a remote host, document/text sent for embeddings could be transmitted off-box. No credentials are requested by the skill, but the potential for data to be sent to an external Ollama endpoint is a proportionality/privacy concern that should be explicit.

The skill does not request always:true, does not list config paths, and is user-invocable only. There is no evidence it attempts to modify other skills or gain permanent elevated presence.