← Back to Skills Marketplace
Sift
by
Indigo Karasu
· GitHub ↗
· v2.3.0
· MIT-0
258
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install ocas-sift
Description
Web search, research synthesis, fact verification, and entity extraction. The system's general research engine. Use for topic research, web lookups, fact-che...
Usage Guidance
What to consider before installing:
- Data persistence: Sift will write journals, session data, and Signal files to ~/openclaw/... and will emit extracted entities to the Elephas intake; reviewed or sensitive queries can become persistent artifacts and may be promoted into a shared knowledge graph. If you handle sensitive data, decide whether to allow these write locations or to restrict them.
- Self-update behavior: SKILL.md/README describe automatic self-updates and a cron job that pulls from GitHub. The registry has no formal install package; that means the skill expects to fetch code externally at runtime. Ask whether you want a skill that can download and update itself automatically — this increases risk and you should review the upstream GitHub repo before enabling.
- External network calls: The skill will call free search providers (Brave/DuckDuckGo/SearXNG) and optional paid semantic providers (Exa/Tavily). Optional API keys are reasonable for this purpose; provide only keys you trust. If you prefer offline or air-gapped usage, do not supply provider keys and limit external tiers.
- Cross-skill interactions: Sift writes to Elephas intake and may read Thread/Chronicle context. Confirm you trust those other skills and that their intake/promotion behavior is acceptable.
- Checklist before install: inspect the upstream GitHub repository referenced in SKILL.md, confirm you accept automatic writes to ~/openclaw paths, decide whether to allow cron-based self-updates, and restrict or withhold API keys if you want to limit external queries.
Because of the undeclared self-update/cron behavior and persistent cross-skill writes, this skill is coherent with its purpose but carries non-trivial persistence and remote-fetch risks — review the upstream source and decide whether to disable auto-updates or restrict filesystem paths before enabling.
Capability Analysis
Type: OpenClaw Skill
Name: ocas-sift
Version: 2.3.0
The skill implements an automated self-update mechanism in `SKILL.md` via the `sift.update` command and a daily midnight cron job. This process uses shell commands (`gh api`, `tar`, `cp`) to download and overwrite the skill's own directory with content from a remote GitHub repository (indigokarasu/sift). While documented as a maintenance feature, this creates a significant supply-chain risk and a persistent Remote Code Execution (RCE) vector if the source repository is compromised.
Capability Assessment
Purpose & Capability
The skill's name/description (web research, synthesis, fact verification, entity extraction) aligns with the declared optional credentials (Brave, Exa, Tavily) and with the filesystem reads/writes (journals, data, Elephas intake). Reading Thread/Chronicle context and using tiered search providers is consistent with the research functionality.
Instruction Scope
Runtime instructions ask the agent to persist sessions, write journals, and emit Signal files to ~/openclaw/db/ocas-elephas/intake/ for entity promotion — behavior that will make researched data persistent and hand it off to another skill (Elephas). The instructions also mention reading conversation context, Chronicle, and potentially geolocation from other components; those data sources are not listed as explicit credentials but the skill will consume contextual/system data if available. The SKILL.md also instructs self-update behavior (pull latest from GitHub) and README claims registering a midnight cron for automatic updates — these are side effects beyond pure query/lookup work and expand runtime scope.
Install Mechanism
There is no formal install spec in the registry, but SKILL.md and README include an 'openclaw skill install https://github.com/indigokarasu/sift' line and describe automatic self-updates via a cron job. The registry provides no packaged install instructions or vetted release URL; self-update/auto-install behavior implies fetching code from GitHub at runtime, which increases risk and is not fully declared in the registry metadata.
Credentials
The skill lists optional API keys for the search/semantic providers (brave_search_api_key, exa_api_key, tavily_api_key) which are proportional to its function. No unrelated secrets are requested. However, it will write extracted entities and decisions to local intake/journal paths — this may surface or persist sensitive content into the system knowledge pipeline (Elephas/Chronicle), so users should consider whether that data flow is acceptable.
Persistence & Privilege
Although always:false, the skill claims to register a daily 'sift:update' cron job and to persist session/journal/entity files under the user's home directory. Scheduled self-updates and persistent writing into shared intake directories represent lasting changes and a broader blast radius (automatic downloads, ongoing background behavior, and cross-skill data flows). These persistent actions are not fully explicit in the registry install metadata.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ocas-sift - After installation, invoke the skill by name or use
/ocas-sift - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.3.0
ocas-sift v2.3.0
- Added self-update command: `sift.update` pulls latest version from GitHub and preserves journals/data.
- New initialization flow: skill auto-initializes storage and cron jobs on first run via `sift.init`.
- Daily background auto-update: registers a `sift:update` cron job to keep the skill current.
- Expanded documentation on installation, update mechanism, initialization, run completion, and trigger phrases.
- Minor tweaks to config (`skill_version` updated) and improved clarity in usage and skill boundary.
v2.0.0
- Added research journal schema file: `references/journal.md`, specifying journal structure for research sessions.
- Updated documentation to include the new `sift.journal` command, which writes a journal at the end of every run.
- Clarified inter-skill interfaces: Sift now emits enrichment candidates as Signal files to Elephas intake and explains cooperative Thread and Chronicle reads.
- Expanded and reorganized the SKILL.md to include responsibility boundaries, skill cooperation, storage layout updates, and default config with OCAS_ROOT override.
- Formalized OKRs and pointed to `references/journal.md` for journal schema details.
v1.2.0
- Introduces expanded research synthesis, fact verification, and structured entity extraction features.
- Adds automatic query classification and response modes, including deep research threading and comparisons.
- Implements a tiered search system with escalation criteria and quota monitoring.
- Integrates per-domain trust scoring for source reliability and fact consensus evaluation.
- Enforces strict separation from person-focused/OSINT investigations, delegating those to Scout.
- Provides detailed support documentation and structured storage layout for research artifacts and extracted data.
Metadata
Frequently Asked Questions
What is Sift?
Web search, research synthesis, fact verification, and entity extraction. The system's general research engine. Use for topic research, web lookups, fact-che... It is an AI Agent Skill for Claude Code / OpenClaw, with 258 downloads so far.
How do I install Sift?
Run "/install ocas-sift" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Sift free?
Yes, Sift is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Sift support?
Sift is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Sift?
It is built and maintained by Indigo Karasu (@indigokarasu); the current version is v2.3.0.
More Skills