Security Scan
OpenClaw
Safe
medium confidence
Assessment and Recommendations
This skill appears to be a straightforward client for a RAGFlow HTTP API. Before installing: (1) Ensure RAGFLOW_API_URL points to a trusted RAGFlow instance; (2) limit the RAGFLOW_API_KEY scope/permissions and rotate it if possible; (3) be cautious when asking the agent to upload files — the scripts will read and transmit any local file you provide or reference via @path, so do not pass sensitive local files unless intended; (4) the SKILL.md requires explicit confirmation for deletes, but verify...
✓ Purpose and Capabilities
Name/description match the included scripts: dataset CRUD, document upload/update/delete, parsing control, status checks, search, and listing configured models. Declared requirements (python3, RAGFLOW_API_URL, RAGFLOW_API_KEY) are appropriate and proportionate for an HTTP API client to a RAGFlow service.
ℹ Instruction Scope
SKILL.md directs the agent to run only the bundled scripts and to prefer --json. The scripts operate against the declared RAGFLOW_API_URL and use the API key for Authorization. The scripts legitimately read files for uploads and accept @path JSON inputs for update operations — this is expected for upload/update behavior but means the skill can read and transmit any local file the agent is asked to upload or pass as @file. Guardrails require explicit confirmation for deletes, which is appropriate.
✓ Install Mechanism
No install spec; this is an instruction+script bundle that requires python3 on PATH. Nothing is downloaded or written during install, lowering the installation risk.
✓ Credential Requirements
Only RAGFLOW_API_URL and RAGFLOW_API_KEY are required and primaryEnv is the API key — this is appropriate for communicating with a RAGFlow HTTP API. There are no unrelated secrets requested. (Note: some helper code like common.py may read runtime config from args/env or config files — the manifest references resolve_runtime_config/require_api_key but declared env requirements match the expected inputs.)
✓ Persistence and Privileges
always:false and no install hooks are present. The skill does not request system-wide persistence or changes to other skills. The agent may invoke the skill autonomously (disable-model-invocation is false), which is the platform default; this is not combined with other red flags here.
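Security is layered; review the code before running.
Runtime Dependencies
No special dependencies
Version
latest v1.0.8 2026/3/18
● Benign
Install Command
Official: npx clawhub@latest install ragflow-skill
Mirror (accelerated): npx clawhub@latest install ragflow-skill --registry https://cn.longxiaskill.com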