Skillv0.1.0

ClawScan security

Medical Research Literature Reader Pro · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 13, 2026, 11:59 AM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requirements, files, and runtime instructions align with its stated purpose as a literature-reading and appraisal assistant; it is an instruction-only skill with no installs or credential requests.
Guidance: This skill appears internally consistent, but a few practical safety points before installing or using it: 1) Data privacy — the skill is built to accept PDFs and images. Do not upload or paste protected health information (PHI) or identifiable patient data unless your environment and policies permit it. 2) Source verification — outputs (interpretation, suggested related papers, translational claims) are analysis-level and should be verified against the original paper and primary sources before citing or acting clinically. 3) No automatic fetching declared — the SKILL.md says to attempt retrieval when given a DOI/PMID but provides no network code; check whether your platform will perform web searches or fetch articles on your behalf and whether you consent to that. 4) Use as an analytical assistant, not a final arbiter — for high-stakes decisions (clinical care, grant commitments, regulatory claims), have human experts review findings. 5) If you need the skill to integrate with other services (PubMed, NCT registry, reference managers), confirm what connectors the hosting platform provides and whether API keys or credentials will be requested separately.

Purpose & Capability: okName/description (medical literature reading, critique, track-based appraisal) match the included SKILL.md and reference modules. All referenced capabilities (track routing, figure review, follow-up experiment generation, plugin deliverables) are described in the bundled reference files and are appropriate for a research-grade literature reader.
Instruction Scope: okThe SKILL.md instructs the agent how to handle PDFs, abstracts, DOIs/PMIDs, screenshots and how to escalate when full text is missing. Instructions stay within the domain of paper analysis and generating deliverables. There are no instructions to read unrelated system files, access arbitrary env vars, or exfiltrate data to unknown endpoints.
Install Mechanism: okNo install spec or code files — this is instruction-only. No downloads, package installs, or executable artifacts are present, so there is nothing written to disk or executed by the skill itself.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. The analysis capabilities described do not require external secrets. This is proportionate to the stated functionality.
Persistence & Privilege: okFlags are defaults (always: false, model invocation enabled). The skill does not request persistent system-level privileges or to modify other skills' configs. Autonomous invocation is permitted (platform default) but not combined with any extra privileges or secret access.