ClawHubCN
@steipete

Qmd

Local search/indexing CLI (BM25 + vectors + rerank) with MCP mode.

Mirror download
Current version
v1.0.0
97 2.8万All installs 379
READMEFilesVersionsCompare

name: qmd description: Local search/indexing CLI (BM25 + vectors + rerank) with MCP mode. homepage: https://tobi.lutke.com metadata: {"clawdbot":{"emoji":"📝","requires":{"bins":["qmd"]},"install":[{"id":"node","kind":"node","package":"https://github.com/tobi/qmd","bins":["qmd"],"label":"Install qmd (node)"}]}}

qmd

Use qmd to index local files and search them.

Indexing

  • Add collection: qmd collection add /path --name docs --mask "**/*.md"
  • Update index: qmd update
  • Status: qmd status

Search

  • BM25: qmd search "query"
  • Vector: qmd vsearch "query"
  • Hybrid: qmd query "query"
  • Get doc: qmd get docs/path.md:10 -l 40

Notes

  • Embeddings/rerank use Ollama at OLLAMA_URL (default http://localhost:11434).
  • Index lives under ~/.cache/qmd by default.
  • MCP mode: qmd mcp.

Security Scan

Status

suspicious

Open VirusTotal

OpenClaw

gpt-5-mini

suspicious

OpenClaw analysis

The skill's instructions mostly match a local search CLI, but there are small inconsistencies and moderate install/credential risks you should understand before installing.

Confidence: medium

VirusTotal

Type: OpenClaw Skill Name: qmd Version: 1.0.0 The skill bundle defines a local search/indexing CLI tool. The `SKILL.md` provides installation instructions for `qmd` from a seemingly legitimate GitHub repository (`https://github.com/tobi/qmd`) and outlines local CLI usage. There is no evidence of data exfiltration, malicious execution instructions, persistence mechanisms, prompt injection attempts, or obfuscation. All described operations are local and aligned with the stated purpose of a search/indexing tool.

Metadata

  • Owner: @steipete
  • Created: 2026/01/04
  • Updated: 2026/02/26
  • Versions: 1
  • Comments: 5
  • Scan checked at: 2026/02/11

Runtime

No runtime requirements are exposed in the official public payload.