← Back to Skills Marketplace
flobo3

Skill Graphify

by Flo · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
292
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install skill-graphify
Description
Turn any folder of code, docs, papers, or images into a queryable knowledge graph. Cross-platform wrapper for graphify CLI.
Usage Guidance
The wrapper/script is coherent with its stated purpose, but it will attempt to install the PyPI package 'graphifyy' at runtime. Before installing or running this skill: 1) verify the 'graphifyy' package on PyPI (owner, versions, release history) and inspect its source repository for malicious or surprising behavior; 2) prefer running the wrapper in an isolated environment (VM, container, or virtualenv) so install-time code can't affect your system; 3) consider manually installing a vetted version of the graphify package (or using a pinned version) rather than letting the wrapper run pip automatically; 4) if you cannot confirm the package provenance, do not run ensure-installed or build on sensitive directories (run it on a disposable copy of data first). If you want, I can help look up the 'graphifyy' package, its PyPI page, or search for a source repository to validate provenance.
Capability Analysis
Type: OpenClaw Skill Name: skill-graphify Version: 1.0.0 The skill exhibits high-risk behavior by automatically installing an external Python package ('graphifyy') and executing dynamically generated Python code via 'subprocess.run' in 'graphify_wrapper.py'. While these actions are consistent with the stated purpose of building a knowledge graph, the execution pattern (using 'sys.executable -c' with f-strings) and the potential typosquatting risk of the package name ('graphifyy' vs the tool name 'graphify') create a significant attack surface for remote code execution (RCE) and supply chain compromise.
Capability Assessment
Purpose & Capability
Name/description, README, SKILL.md, and the wrapper code all align: the script installs/uses a 'graphify' package and runs detect→extract→build→report on a target folder. The requested operations (reading files in the target folder, writing output under <target>/graphify-out/) match the stated purpose.
Instruction Scope
SKILL.md instructs the agent to run the bundled Python wrapper to install and run graphify. Runtime instructions and the code operate only on the provided target path and the created output directory; they do not attempt to read system-wide config, credentials, or unrelated paths. The skill will read files inside the target folder and write outputs and cache files there (expected behavior).
Install Mechanism
There is no registry install spec in the skill metadata, but the wrapper (and SKILL.md) call 'pip install graphifyy' at runtime. Installing an arbitrary PyPI package executes untrusted code (install-time scripts, imports) and the package/author provenance is not provided (homepage/source unknown). This is a moderate-to-high supply-chain risk compared with a vetted release or a pinned URL to a trustworthy repo.
Credentials
The skill declares no required environment variables, no credentials, and the code does not read environment secrets. It only interacts with the filesystem under the target path and runs local Python/pip — access requested is proportionate to the stated functionality.
Persistence & Privilege
The skill is not always-enabled, does not modify other skills or global agent config, and only writes outputs/caches under the project's graphify-out directory. It does not request elevated/system privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install skill-graphify
  3. After installation, invoke the skill by name or use /skill-graphify
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial-release
Metadata
Slug skill-graphify
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Skill Graphify?

Turn any folder of code, docs, papers, or images into a queryable knowledge graph. Cross-platform wrapper for graphify CLI. It is an AI Agent Skill for Claude Code / OpenClaw, with 292 downloads so far.

How do I install Skill Graphify?

Run "/install skill-graphify" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Skill Graphify free?

Yes, Skill Graphify is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Skill Graphify support?

Skill Graphify is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Skill Graphify?

It is built and maintained by Flo (@flobo3); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments