Repository: rag_ex
Author: nshkrdotcom·Source status: Clear source
Elixir RAG library with multi-LLM routing (Gemini, Claude, OpenAI, Ollama), GraphRAG, knowledge graphs, modular retrievers/rerankers, composable pipelines, pgvector integration, advanced chunking, and tool-using agents.
Score basis:Clear source · Low risk signals · Universal
Trust level
70 · Review first
Usable, but inspect source, install method, and risk hints before adoption.
Risk decision
No explicit risk signals
No explicit risk signal is available.
Install readiness
script-backed · copy-only command
SkillTrust only shows install guidance and copy actions; it never executes installs.
Before you install
Review source, permissions, and execution risk first, then alternatives. Scores prioritize review; they do not replace manual judgment.
Review weakest dimensions and next actions before copying commands.
Evidence or risk signals are incomplete; compare alternatives first.
Audit grade
C · Review first
Execution risk
High
Evidence confidence
67%
SAS-v2.1 radar
SAS-v2.1
Audit grade
C · Review first
Execution risk
High
Top threats
unexpected code execution, data exfiltration
Control gaps
missing license, broad permissions
Evidence confidence
67%
Repository
nshkrdotcom/rag_ex
Author
nshkrdotcom
Community signal
7 stars · 1 forks
Last updated
2025-12-23
Primary source
nshkrdotcom/rag_ex
Source status
Clear source
Install method
script-backed
Command & code execution
34Focus: Whether it runs commands or scripts
Next action: Manually confirm command-running skills in an isolated directory.
High-risk action confirmation
38Focus: Whether destructive or external actions require confirmation
Next action: Avoid directly installing high-risk skills without confirmation controls.
Network & data egress
43Focus: Whether it may send data out
Next action: If unsure, restrict network access or allow only known domains.
Supported tools can change install steps; Universal entries need source review.
Explicitly supported
Candidate support (inferred)
Candidate tools are inferred signals, not official compatibility certifications.
git clone https://github.com/nshkrdotcom/rag_ex.gitNo explicit risk signals recorded
Review source and permissions before copying install commands.
Evidence or risk signals are incomplete; compare alternatives first.
Focus: Who published it and whether it is traceable
Next action: Review repository, author, and README first; do not install directly when source is pending.
Focus: Whether install steps can be reviewed
Next action: Prefer candidates with install docs and repository evidence.
Focus: Whether tool descriptions may hide instructions
Next action: Read README, rules, and tool descriptions before install.
Focus: What it can access
Next action: Grant only task-required permissions and prefer Ask/manual confirmation.
Focus: Whether it runs commands or scripts
Next action: Manually confirm command-running skills in an isolated directory.
Focus: Whether file reads/writes can escape scope
Next action: Check working directory and file access scope before running.
Focus: Whether it may send data out
Next action: If unsure, restrict network access or allow only known domains.
Focus: Whether it handles tokens, private keys, or agent identity
Next action: Do not provide long-lived tokens or private keys to source-pending skills.
Focus: Whether external content can steer behavior
Next action: For browser/RAG/rules skills, review permissions and confirmation controls first.
Focus: Whether memory or retrieved context can be poisoned
Next action: Try RAG/memory skills in a low-privilege environment first.
Focus: Whether external tools and MCP access are clearly bounded
Next action: Confirm which external tools it will connect to before install, and start with the smallest possible set.
Focus: Whether destructive or external actions require confirmation
Next action: Avoid directly installing high-risk skills without confirmation controls.
Focus: How far impact can spread when something goes wrong
Next action: If unsure, test in an isolated project first.
Focus: Whether actions can be traced
Next action: Prefer candidates with logs or previews.
Focus: Whether it is maintained and reusable
Next action: Check license and maintenance before organizational use.
Usable, but inspect source, install method, and risk hints before adoption.
Phase 1 only shows installation-aware, source-backed signals. SkillTrust does not execute install scripts for users.
Risk factors
No explicit risk signals.
Permission hints
repository clone, local runtime dependencies
Why related: Same task category, Keyword overlap...
Why related: Same task category, Keyword overlap, Similar install method
Repository: UnifAI
Author: redhat-community-ai-tools · Source status: Clear source
Production-grade multi-agent orchestration engine.
Score basis:Clear source · High risk signals · Universal
Why related: Same task category, Keyword overlap...
Why related: Same task category, Keyword overlap, Similar install method
Repository: rag_demos
Author: dappros · Source status: Clear source
Examples of RAG (Retrieval-Augmented Generation) with Ethora, LangChain, and OpenAI.
Score basis:Clear source · Low risk signals · Universal
Why related: Same task category, Keyword overlap...
Why related: Same task category, Keyword overlap, Similar install method
Repository: openclaw/skills
Author: cinience · Source status: Clear source
Use when working with OpenSearch vector search edition via the Python SDK (ha3engine) to push documents and run HA/SQL searches.
Score basis:Clear source · High risk signals · Claude
Why related: Same task category, Keyword overlap...
Why related: Same task category, Keyword overlap, Similar install method
Repository: openclaw/skills
Author: lookupmark · Source status: Clear source
Semantic search over local files using all-MiniLM-L6-v2 embeddings and ms-marco-MiniLM-L-6-v2 cross-encoder reranking with ChromaDB and parent-child chunking.
Score basis:Clear source · High risk signals · OpenClaw
Why related: Same task category, Keyword overlap...
Why related: Same task category, Keyword overlap, Similar install method
Repository: cymbal-air-toolbox-demo
Author: GoogleCloudPlatform · Source status: Clear source
Demo of a customer service agent (Cymbal Air) using LangGraph, Tools, and RAG to interact with Google Cloud Databases via MCP Toolbox.
Score basis:Clear source · Low risk signals · Universal
Why related: Same task category, Keyword overlap...
Why related: Same task category, Keyword overlap, Similar install method
Repository: synapse
Author: nshkrdotcom · Source status: Clear source
Headless, declarative multi-agent orchestration framework with a domain-agnostic signal bus, workflow engine with Postgres persistence, and configurable agent runtime (ships code review domain).
Score basis:Clear source · Low risk signals · Universal
Repository: pipeline_ex
Author: nshkrdotcom · Source status: Clear source
Claude Code + Gemini AI collaboration orchestration tools Topics: ai, ai-orchestration, ai-pipeline, beam, claude, collaboration, elixir, erlang-vm, functional-programming, gemini, llm-orchestration, model-collaboration.
Score basis:Clear source · Low risk signals · Universal
Repository: gemini_ex
Author: nshkrdotcom · Source status: Clear source
Elixir Interface / Adapter for Google Gemini LLM, for both AI Studio and Vertex AI
Score basis:Clear source · Risk needs review · Universal
Repository: claude_agent_sdk
Author: nshkrdotcom · Source status: Clear source
An Elixir SDK for Claude Code - provides programmatic access to Claude Code CLI with streaming message processing
Score basis:Clear source · Risk needs review · Universal