← Back to Skills Marketplace
704 total downloads · 0 favorites · 0 current installs · 1 version
Install in OpenClaw:
/install q-kdb-code-review
Description
AI-powered code review for Q/kdb+ — catch bugs in the most terse language in finance
Safe usage advice
This skill appears to do what it says (send Q code to an external service for review), but be aware of two actionable risks before installing:
1) External submission of code and keys: The plugin sends your Q code to an external server (Astrai) for analysis. The required ASTRAI_API_KEY and any optional BYOK provider keys you set will be transmitted (the code places them in request headers). If your code or keys are sensitive, do not use this skill against production secrets unless you trust the Astrai service and its privacy claims.
2) Undocumented endpoint override (ASTRAI_BASE_URL): The plugin reads ASTRAI_BASE_URL (default https://as-trai.com/v1) but this env var is not documented in SKILL.md or config.example.toml. If an attacker or misconfiguration sets ASTRAI_BASE_URL to a malicious server, your ASTRAI_API_KEY, BYOK provider keys, and file contents could be sent to that endpoint. Treat ASTRAI_BASE_URL as a high-impact configuration and only set it to trusted hosts.
Recommendations:
- Only provide ASTRAI_API_KEY and any BYOK keys you are willing to send to the external service. Consider creating scoped/ephemeral keys for testing.
- If you require local-only reviews, do not set any BYOK provider keys (the plugin notes local_only when provider keys are absent), and verify that 'local-only' behavior meets your privacy needs (but note the plugin still contacts the Astrai endpoint by default unless ASTRAI_BASE_URL is changed).
- Verify the skill source (the homepage link exists, but owner is unknown). Review plugin.py yourself (it's included) or run it in an isolated environment before granting access to real secrets.
- If you need guarantees that code never leaves your network, do not use this skill; instead use an offline tool or run the plugin pointed at a trusted internal inference endpoint.
I have medium/high confidence in these findings based on the provided files. If you want, I can scan plugin.py line-by-line for any additional suspicious code paths or provide suggested changes to harden the plugin (for example, remove ASTRAI_BASE_URL override or validate it against an allowlist).
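One way to implement the allowlist hardening suggested above, as an added example that is not the plugin's own code: the ASTRAI_BASE_URL override is validated before any key or code is attached to a request. The function names, the bearer header and the value format of X-Astrai-Provider-Keys are assumptions; the default endpoint, the header name and the provider variable names come from this listing.

```python
import os
from urllib.parse import urlsplit

DEFAULT_BASE_URL = "https://as-trai.com/v1"          # default named on the page
ALLOWED_HOSTS = frozenset({"as-trai.com"})           # hosts allowed to receive code/keys
# Hypothetical: the two provider variables named on the page; extend as needed.
BYOK_VARS = ("ANTHROPIC_API_KEY", "OPENAI_API_KEY")


class UntrustedEndpoint(ValueError):
    """ASTRAI_BASE_URL failed the allowlist check; nothing is sent."""


def validate_base_url(url, allowed_hosts=ALLOWED_HOSTS):
    """Return a normalised https base URL or raise UntrustedEndpoint.

    Rejects plaintext schemes, embedded credentials (user@host tricks),
    non-standard ports and hosts outside the allowlist, so a bad override
    cannot silently redirect ASTRAI_API_KEY, BYOK keys and source code.
    """
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise UntrustedEndpoint(f"scheme must be https, got {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise UntrustedEndpoint("credentials embedded in URL")
    if parts.port not in (None, 443):
        raise UntrustedEndpoint(f"non-standard port {parts.port}")
    host = (parts.hostname or "").lower()
    if host not in allowed_hosts:
        raise UntrustedEndpoint(f"host {host!r} not in allowlist")
    return f"https://{host}{parts.path.rstrip('/')}"


def build_request(env=None, allowed_hosts=ALLOWED_HOSTS):
    """Hypothetical stand-in for the plugin's request assembly.

    `env` is a dict (defaults to os.environ). Provider keys are attached
    to X-Astrai-Provider-Keys only after the endpoint passed validation;
    the header's value format and the bearer scheme are assumptions.
    """
    env = os.environ if env is None else env
    base_url = validate_base_url(
        env.get("ASTRAI_BASE_URL", DEFAULT_BASE_URL), allowed_hosts)
    headers = {"Authorization": f"Bearer {env['ASTRAI_API_KEY']}"}
    provider_keys = {k: env[k] for k in BYOK_VARS if env.get(k)}
    if provider_keys:
        headers["X-Astrai-Provider-Keys"] = ",".join(
            f"{k}={v}" for k, v in sorted(provider_keys.items()))
    return base_url, headers
```

Pointing ASTRAI_BASE_URL at a trusted internal inference endpoint, as the recommendations suggest, means adding that host to ALLOWED_HOSTS rather than disabling the check.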
Functional analysis
Type: OpenClaw Skill
Name: q-kdb-code-review
Version: 1.0.0
The skill's primary function is benign: AI-powered Q/kdb+ code review. However, it is classified as suspicious due to its 'Bring Your Own Keys' (BYOK) feature. The `plugin.py` code collects all configured AI provider API keys (e.g., ANTHROPIC_API_KEY, OPENAI_API_KEY) from environment variables and transmits them to the `as-trai.com` endpoint via HTTP headers (`X-Astrai-Provider-Keys`). While this behavior is explicitly documented in `SKILL.md` as part of the inference routing mechanism, centralizing the transmission of multiple sensitive API keys to a single third-party service, even for a stated purpose, introduces a significant trust assumption and a potential single point of compromise for these credentials.
Capability assessment
Purpose & Capability
Name/description match the implementation: the plugin collects an ASTRAI API key and optional provider keys and sends Q code to an Astrai router for analysis. The declared optional BYOK keys correspond to providers in the code and are reasonable for a routing feature.
Instruction Scope
The SKILL.md and plugin send user Q code to the external Astrai endpoint for analysis (this is expected for a hosted LLM review), but the plugin also reads optional provider keys from many environment variables and includes them in a header. SKILL.md claims 'local processing' for some steps, but the core review sends code externally. Additionally, the plugin honours an override env var ASTRAI_BASE_URL (defaults to https://as-trai.com/v1) that is not documented in SKILL.md or config.example.toml; that allows redirecting where code and keys are sent.
Install Mechanism
No install spec or downloads; it's instruction-only plus a single plugin.py file. Nothing is written to disk by an installer and no external archives/third-party packages are pulled during install.
Credentials
The required primary credential (ASTRAI_API_KEY) is proportional to the declared purpose. Optional BYOK provider keys are appropriate for a routing feature, but the plugin collects and forwards them in a header (X-Astrai-Provider-Keys). The undocumented ASTRAI_BASE_URL env var is problematic because it allows redirecting both the ASTRAI_API_KEY and any provider keys and code to an arbitrary endpoint; ASTRAI_BASE_URL is not listed in SKILL.md's Environment Variables table or config.example.toml.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system configs, and runs only when invoked. It does not install persistent agents or escalate privileges.
How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install q-kdb-code-review
- After installation, call the Skill by name directly, or trigger it with /q-kdb-code-review
- Provide the required inputs according to the Skill's parameter description to receive structured output
Version history
v1.0.0
Initial release: AI-powered Q/kdb+ code review — catch type errors, rank errors, performance issues, and security vulnerabilities in the most terse language in finance
FAQ
What is Q Kdb Code Review?
AI-powered code review for Q/kdb+ — catch bugs in the most terse language in finance. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 704 downloads to date.
How do I install Q Kdb Code Review?
Run the command "/install q-kdb-code-review" in the OpenClaw or Claude Code chat box for one-click installation; no extra configuration is needed.
Is Q Kdb Code Review free?
Yes, Q Kdb Code Review is completely free (open source) and can be freely downloaded, installed and used.
Which platforms does Q Kdb Code Review support?
Q Kdb Code Review is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Q Kdb Code Review?
Developed and maintained by beee003 (@beee003); current version v1.0.0.