Primer Design Check
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a simple local primer-checking script with no credential, network, persistence, or file-access behavior, but its documentation overstates the off-target/BLAST capability.
This skill looks safe to run as a small local script, but treat its output as a basic primer-quality report only. Do not assume it checks off-target amplification or produces BLAST results unless that functionality is added and reviewed.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill will run local code when invoked, but the reviewed code is limited to primer calculations and terminal output.
Invoking the skill executes a local Python script. This is expected for the stated tool/script purpose, and the visible code does not show subprocess execution, downloads, dynamic evaluation, or unrelated commands.
#!/usr/bin/env python3 ... if __name__ == "__main__":
main()Run it without elevated privileges and re-review the script if it is modified or replaced.
A user could over-trust the output as a full off-target amplification check when it is actually a limited local primer-quality calculation.
The documentation advertises off-target BLAST results, but the included script only handles forward/reverse primer sequence checks and does not implement BLAST, template handling, or network/API access.
- Off-target BLAST results
Use a separate validated BLAST/off-target analysis workflow before relying on these results for wet-lab decisions.