ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ebm Calculator

v0.1.0

Evidence-Based Medicine calculator for sensitivity, specificity, PPV, NPV, NNT, and likelihood ratios. Essential for clinical decision making and biostatisti...

0· 118·0 current·0 all-time
byAIpoch@aipoch-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The code (scripts/main.py) implements sensitivity, specificity, PPV/NPV, likelihood ratios, NNT, and pre/post-test conversion as advertised. No unrelated binaries, credentials, or network access are requested.
Instruction Scope
SKILL.md describes file I/O and 'Read input files, write output files' in risk table, but the script accepts inputs via CLI args and only writes output if --output is provided. The documentation implies more file input behavior than the code actually performs.
Install Mechanism
Instruction-only plus one included Python script; there is no install spec, no external downloads, and no packages required beyond the standard library.
Credentials
No environment variables, credentials, or config paths are requested. The tool operates purely on provided CLI parameters.
Persistence & Privilege
Skill is not forced-always, and does not attempt to modify other skills or system-wide settings. It has normal, limited presence.
What to consider before installing
This skill appears to do what it says and uses only standard Python libraries, but review before running: (1) The script will write to whatever path you pass to --output without validating it—don’t point it at sensitive files or system paths and avoid running as a privileged user; (2) The SKILL.md mentions reading input files but the script takes CLI arguments, so confirm how you intend to supply data; (3) Test the calculations with known examples before using results clinically (NNT rounding/interpretation is simplistic); and (4) Run the script in a sandbox or isolated environment if you want extra safety. If you need automatic invocation by an agent, ensure the agent won’t supply untrusted paths for --output.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e6q16c5mzyy696zdpaj7929837531

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments