Sirchmunk

Local file search using sirchmunk API. Use when you need to search for files or content by asking natural language questions.

This skill is a small local client that talks to a sirchmunk server on localhost; the immediate code is simple and not itself exfiltrating. However, before installing or using it you should: 1) Inspect the sirchmunk server code (the SKILL.md points to a GitHub repo) to confirm how it reads files and where it sends content. 2) Be cautious about providing an LLM_API_KEY/LLM_BASE_URL: if these point to a cloud LLM, your searched file contents may be sent off-host. Prefer running a local, trusted LLM endpoint or omit sensitive directories from SIRCHMUNK_SEARCH_PATHS. 3) Keep the server bound to localhost and firewall it from external access. 4) Verify ~/.sirchmunk/.env contents and don't store global secrets there unless you trust the server implementation. 5) If unsure, run sirchmunk in an isolated environment or container and review network traffic while performing searches. These steps will reduce the risk of accidental data exfiltration.

Type: OpenClaw Skill Name: sirchmunk Version: 1.0.0 The script `scripts/sirchmunk_search.sh` contains a shell injection vulnerability because the `$QUERY` and `$PATHS` variables are interpolated directly into a double-quoted string within a `curl` command. This allows for arbitrary command execution on the host if the input contains shell metacharacters (e.g., `$(command)`). While this is a critical security flaw, it appears to be an unintentional vulnerability rather than intentional malice, as the skill's functionality aligns with its documentation and references a legitimate open-source project (ModelScope/sirchmunk).