← Back to Skills Marketplace
95
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install thelibrarian
Description
Build and search lightweight quantized document indexes with TurboVec. Use when you need to create searchable indexes from documents for RAG applications wit...
Usage Guidance
This skill appears coherent for building/searching TurboVec quantized indexes, but before installing: 1) Confirm where embeddings are sent — the scripts default to http://host.docker.internal:11434 (an Ollama-style local endpoint). If you run the tool, embedding text will be POSTed to whichever API URL you supply; point it to a trusted local service or a trusted remote provider. 2) SKILL.md/help mention an OLLAMA_API env var but the scripts use a default and accept --api — set the --api flag or edit the code if you need a different endpoint. 3) Run the code in an isolated environment (dedicated venv/container) when indexing sensitive documents. 4) Review and vet third-party packages (turbovec, flashrank, rank-bm25) before pip installing them. 5) For high-risk documents (medical, legal, financial) follow the author's own advice and use a higher-accuracy/approved setup (e.g., FAISS) or ensure your embedding provider and runtime are fully trusted.
Capability Analysis
Type: OpenClaw Skill
Name: thelibrarian
Version: 1.0.1
The skill bundle implements a legitimate document indexing and search system but contains a critical security vulnerability. Specifically, 'scripts/search.py' uses 'pickle.load()' to deserialize the BM25 index from the disk, which allows for Remote Code Execution (RCE) if the agent is directed to search a malicious or untrusted index directory. Additionally, 'scripts/librarian.sh' utilizes 'LD_PRELOAD' to load the BLAS library; while this is documented as a requirement for the 'turbovec' dependency, it is a high-risk mechanism that could be abused. No evidence of intentional malice, data exfiltration, or harmful prompt injection was found.
Capability Tags
Capability Assessment
Purpose & Capability
The name/description (lightweight quantized document index/search) matches the included scripts: build_index.py, search.py, and a wrapper. Required libraries (turbovec, rank-bm25, flashrank, numpy, requests) and use of an embedding API are appropriate for the described functionality.
Instruction Scope
Runtime instructions and scripts operate only on user-supplied document directories and write index files to the specified output directory. The code makes network calls only to an embedding service (requests.post to an Ollama-style API URL). The SKILL.md mentions an OLLAMA_API environment variable in help text, but the Python scripts default to a hard-coded DEFAULT_OLLAMA_API and accept a --api flag — a minor mismatch in where the config is read from.
Install Mechanism
No install spec is provided (instruction-only install). The skill expects the user to create a local virtualenv and pip-install dependencies; nothing is downloaded or executed silently by an installer in the package itself.
Credentials
The skill requests no declared credentials or config paths. However, it posts document text to an embedding API (default: http://host.docker.internal:11434). This is necessary for embeddings but means the user must trust the endpoint they point to; SKILL.md/help references an OLLAMA_API env var but the scripts rely on a default or CLI flag, so confirm where embeddings will be sent.
Persistence & Privilege
always is false, the skill does not require persistent platform privileges, and it confines file writes to the index output path. It does not modify other skills or system-wide configs.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install thelibrarian - After installation, invoke the skill by name or use
/thelibrarian - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Version bump to 1.0.1 with no code or documentation changes.
- No file modifications detected; functionality and documentation remain unchanged.
v1.0.0
RAG for Low resource systems.
Built for OpenClaw Edge Device Deployment.
- Initial release of The Librarian skill.
- Enables building and searching lightweight quantized document indexes with TurboVec.
- Designed for semantic search and RAG applications on resource-constrained hardware (e.g., Raspberry Pi).
- Supports hybrid search (vector + BM25) and optional Flashrank reranking.
- Achieves 8-16x smaller indexes than FAISS with ~97-98% of FAISS accuracy at 4-bit quantization.
- Ideal for personal or team use cases requiring efficient document search without heavy infrastructure.
Like it? https://buymeacoffee.com/endarochfov
Metadata
Frequently Asked Questions
What is The Librarian?
Build and search lightweight quantized document indexes with TurboVec. Use when you need to create searchable indexes from documents for RAG applications wit... It is an AI Agent Skill for Claude Code / OpenClaw, with 95 downloads so far.
How do I install The Librarian?
Run "/install thelibrarian" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is The Librarian free?
Yes, The Librarian is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does The Librarian support?
The Librarian is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created The Librarian?
It is built and maintained by Enda (@rochyroch); the current version is v1.0.1.
More Skills