Buffer Calculator
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is local and does not show data theft or persistence, but its core buffer mass calculation appears wrong by a factor of 1,000 and it requests broader tool access than a calculator needs.
This skill does not appear to steal data or install anything, but you should not use it for actual laboratory recipes unless you independently verify the math. Its tool permissions should also be narrowed before installation.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could be told to weigh vastly too much reagent, wasting materials and potentially creating unsafe or unusable lab solutions.
For concentration in mM and volume in mL, this computes millimoles, not moles, before multiplying by molecular weight. That makes displayed masses about 1,000x too high, contradicting the skill's claim of precise and accurate buffer calculations.
moles = conc * final_volume_ml / 1000 # mmol to mol
grams = moles * mwDo not rely on this skill for real lab preparation until the unit conversion is fixed and tested against known buffer recipes.
If granted as written, the agent would have more local tool authority than is necessary for a buffer calculator.
The skill requests general file read/write/edit and shell access, while the visible functionality only needs calculation and possibly running the local Python script.
allowed-tools: [Read, Write, Bash, Edit]
Limit the skill to the minimum tools needed, and require explicit user approval before any shell command or file modification.