← 返回 Skills 市场
curtisgc1

Siphonclaw Skill

作者 curtisgc1 · GitHub ↗ · v1.2.0
cross-platform ⚠ suspicious
714
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install siphonclaw
功能描述
Hybrid document intelligence pipeline ingesting PDFs, images, and spreadsheets with OCR, visual and text search, and field fix capture for fast retrieval.
安全使用建议
Do not install or run this skill blindly. The files describe downloads of large local models (Ollama pulls), a local vector DB, and use of multiple external APIs, yet the registry declares no required credentials—this mismatch is suspicious. Before using: 1) Verify the source repository (README references https://github.com/curtisgc1/siphonclaw.git) and review the actual code there; 2) If you plan to follow the README, inspect any scripts and requirements.txt for third-party packages and network calls; 3) Prefer running ingestion and model pulls on an isolated machine or VM (they download large models and will process local files); 4) Do not provide API keys (OpenRouter, Telegram, AgentMail, BraveSearch, etc.) until you confirm which endpoints will receive your data and why; 5) Consider restricting which filesystem paths the agent can access (avoid giving blanket access to / or home) and test with non-sensitive documents first. The lack of declared requirements and unknown provenance are the main reasons to proceed cautiously.
功能分析
Type: OpenClaw Skill Name: siphonclaw Version: 1.2.0 This skill is classified as suspicious due to several high-risk capabilities and setup instructions. The `SKILL.md` and `README.md` both instruct users to execute a remote script via `curl -fsSL ... | sh` during setup, which is a significant Remote Code Execution (RCE) risk. Furthermore, the `siphonclaw_ingest` and `siphonclaw_identify` tools accept absolute `file_path` and `image_path` parameters, respectively, allowing an agent to potentially access and process arbitrary local files. The skill also supports ingesting content from arbitrary URLs (`url_loader.py`), posing a Server-Side Request Forgery (SSRF) risk. These capabilities, while potentially aligned with the stated purpose of document intelligence, create significant prompt injection vulnerabilities for local file disclosure and internal network access if an agent is maliciously prompted.
能力评估
Purpose & Capability
The README/SKILL.md describe a full document-intelligence pipeline (local Ollama models, ChromaDB/BM25, visual embeddings, and optional cloud intelligence via OpenRouter/Minimax/etc.). That functionality plausibly requires local binaries, model downloads, and API keys. However, the skill metadata declares no required environment variables, no required binaries, and no install steps. This inconsistency (documented runtime needs vs declared requirements) is unexplained and therefore concerning.
Instruction Scope
The SKILL.md lists tools that accept absolute file_path and image_path arguments (ingest/identify), and describes fallback to web search and cloud intelligence. That means the agent using this skill may read arbitrary local files for ingestion and may forward extracted text/images to external APIs. The instructions don’t explicitly limit which files/paths are used, nor do they declare the external endpoints or credentials in the registry. That broad scope (local file access + potential outbound transmission) without declared constraints is a risk.
Install Mechanism
There is no install spec in the registry (instruction-only skill), so nothing is automatically downloaded or written by the platform. This minimizes immediate install-time risk. However, the README shows manual install steps (git clone, pip install, ollama pull) that a user would run separately — those commands themselves fetch large models and code from third parties and should be verified before execution.
Credentials
The registry lists no required env vars, but the README and documentation reference many credentials and endpoints (examples: OLLAMA_URL/OLLAMA_VISION_MODEL, OPENROUTER_API_KEY, MINIMAX_API_KEY, KIMI_API_KEY, TELEGRAM_BOT_TOKEN, AGENTMAIL_API_KEY, BRAVE_SEARCH_API_KEY, DAILY_BUDGET_CAP). Requiring multiple unrelated API keys (messaging, search, model routers) would be proportional to the pipeline but the skill did not declare them in metadata. The absence of declared primary credentials while docs require secrets is an incoherence that could lead to accidental data exposure if users supply keys without understanding what will be sent where.
Persistence & Privilege
The skill is not marked always:true and does not request system-level config paths in the registry. Autonomous invocation is allowed (platform default) but that alone is not a red flag. There is no evidence this skill modifies other skills or system-wide settings. Still, because it can instruct ingestion of arbitrary files and outbound calls, consider limiting its access and running it in a sandbox until provenance is confirmed.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install siphonclaw
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /siphonclaw 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.2.0
Add MCP server with 5 tools (search, ingest, field_note, identify, status), security hardening (SSRF, Zip Slip, auth), Python 3.12
v1.1.0
Clean OSS release - domain-agnostic document intelligence with triple hybrid search, visual retrieval, OCR, field capture, and 5-tier model router
v1.0.0
Initial release of SiphonClaw — a domain-agnostic document intelligence pipeline. - Ingest PDFs, images, screenshots, and spreadsheets into a searchable knowledge base with both text and visual embeddings. - Search with hybrid retrieval: combines semantic, keyword, and visual methods for accurate results. - Identify equipment or parts from photos using vision models, linking results to local documentation. - Capture and index field fixes or repair notes as first-class knowledge entries for future retrieval. - Confidence scores and source citations included with every answer. - Five integrated MCP tools: search, ingest, field note, identify, and status.
元数据
Slug siphonclaw
版本 1.2.0
许可证
累计安装 0
当前安装数 0
历史版本数 3
常见问题

Siphonclaw Skill 是什么?

Hybrid document intelligence pipeline ingesting PDFs, images, and spreadsheets with OCR, visual and text search, and field fix capture for fast retrieval. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 714 次。

如何安装 Siphonclaw Skill?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install siphonclaw」即可一键安装,无需额外配置。

Siphonclaw Skill 是免费的吗?

是的,Siphonclaw Skill 完全免费(开源免费),可自由下载、安装和使用。

Siphonclaw Skill 支持哪些平台?

Siphonclaw Skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Siphonclaw Skill?

由 curtisgc1(@curtisgc1)开发并维护,当前版本 v1.2.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论