← Back to Skills Marketplace
714
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install siphonclaw
Description
Hybrid document intelligence pipeline ingesting PDFs, images, and spreadsheets with OCR, visual and text search, and field fix capture for fast retrieval.
Usage Guidance
Do not install or run this skill blindly. The files describe downloads of large local models (Ollama pulls), a local vector DB, and use of multiple external APIs, yet the registry declares no required credentials—this mismatch is suspicious. Before using: 1) Verify the source repository (README references https://github.com/curtisgc1/siphonclaw.git) and review the actual code there; 2) If you plan to follow the README, inspect any scripts and requirements.txt for third-party packages and network calls; 3) Prefer running ingestion and model pulls on an isolated machine or VM (they download large models and will process local files); 4) Do not provide API keys (OpenRouter, Telegram, AgentMail, BraveSearch, etc.) until you confirm which endpoints will receive your data and why; 5) Consider restricting which filesystem paths the agent can access (avoid giving blanket access to / or home) and test with non-sensitive documents first. The lack of declared requirements and unknown provenance are the main reasons to proceed cautiously.
Capability Analysis
Type: OpenClaw Skill
Name: siphonclaw
Version: 1.2.0
This skill is classified as suspicious due to several high-risk capabilities and setup instructions. The `SKILL.md` and `README.md` both instruct users to execute a remote script via `curl -fsSL ... | sh` during setup, which is a significant Remote Code Execution (RCE) risk. Furthermore, the `siphonclaw_ingest` and `siphonclaw_identify` tools accept absolute `file_path` and `image_path` parameters, respectively, allowing an agent to potentially access and process arbitrary local files. The skill also supports ingesting content from arbitrary URLs (`url_loader.py`), posing a Server-Side Request Forgery (SSRF) risk. These capabilities, while potentially aligned with the stated purpose of document intelligence, create significant prompt injection vulnerabilities for local file disclosure and internal network access if an agent is maliciously prompted.
Capability Assessment
Purpose & Capability
The README/SKILL.md describe a full document-intelligence pipeline (local Ollama models, ChromaDB/BM25, visual embeddings, and optional cloud intelligence via OpenRouter/Minimax/etc.). That functionality plausibly requires local binaries, model downloads, and API keys. However, the skill metadata declares no required environment variables, no required binaries, and no install steps. This inconsistency (documented runtime needs vs declared requirements) is unexplained and therefore concerning.
Instruction Scope
The SKILL.md lists tools that accept absolute file_path and image_path arguments (ingest/identify), and describes fallback to web search and cloud intelligence. That means the agent using this skill may read arbitrary local files for ingestion and may forward extracted text/images to external APIs. The instructions don’t explicitly limit which files/paths are used, nor do they declare the external endpoints or credentials in the registry. That broad scope (local file access + potential outbound transmission) without declared constraints is a risk.
Install Mechanism
There is no install spec in the registry (instruction-only skill), so nothing is automatically downloaded or written by the platform. This minimizes immediate install-time risk. However, the README shows manual install steps (git clone, pip install, ollama pull) that a user would run separately — those commands themselves fetch large models and code from third parties and should be verified before execution.
Credentials
The registry lists no required env vars, but the README and documentation reference many credentials and endpoints (examples: OLLAMA_URL/OLLAMA_VISION_MODEL, OPENROUTER_API_KEY, MINIMAX_API_KEY, KIMI_API_KEY, TELEGRAM_BOT_TOKEN, AGENTMAIL_API_KEY, BRAVE_SEARCH_API_KEY, DAILY_BUDGET_CAP). Requiring multiple unrelated API keys (messaging, search, model routers) would be proportional to the pipeline but the skill did not declare them in metadata. The absence of declared primary credentials while docs require secrets is an incoherence that could lead to accidental data exposure if users supply keys without understanding what will be sent where.
Persistence & Privilege
The skill is not marked always:true and does not request system-level config paths in the registry. Autonomous invocation is allowed (platform default) but that alone is not a red flag. There is no evidence this skill modifies other skills or system-wide settings. Still, because it can instruct ingestion of arbitrary files and outbound calls, consider limiting its access and running it in a sandbox until provenance is confirmed.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install siphonclaw - After installation, invoke the skill by name or use
/siphonclaw - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.0
Add MCP server with 5 tools (search, ingest, field_note, identify, status), security hardening (SSRF, Zip Slip, auth), Python 3.12
v1.1.0
Clean OSS release - domain-agnostic document intelligence with triple hybrid search, visual retrieval, OCR, field capture, and 5-tier model router
v1.0.0
Initial release of SiphonClaw — a domain-agnostic document intelligence pipeline.
- Ingest PDFs, images, screenshots, and spreadsheets into a searchable knowledge base with both text and visual embeddings.
- Search with hybrid retrieval: combines semantic, keyword, and visual methods for accurate results.
- Identify equipment or parts from photos using vision models, linking results to local documentation.
- Capture and index field fixes or repair notes as first-class knowledge entries for future retrieval.
- Confidence scores and source citations included with every answer.
- Five integrated MCP tools: search, ingest, field note, identify, and status.
Metadata
Frequently Asked Questions
What is Siphonclaw Skill?
Hybrid document intelligence pipeline ingesting PDFs, images, and spreadsheets with OCR, visual and text search, and field fix capture for fast retrieval. It is an AI Agent Skill for Claude Code / OpenClaw, with 714 downloads so far.
How do I install Siphonclaw Skill?
Run "/install siphonclaw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Siphonclaw Skill free?
Yes, Siphonclaw Skill is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Siphonclaw Skill support?
Siphonclaw Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Siphonclaw Skill?
It is built and maintained by curtisgc1 (@curtisgc1); the current version is v1.2.0.
More Skills