ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Sample Size & Power Calculator (Advanced)

v1.0.0

Advanced sample size and power calculations for complex study designs including survival analysis, clustered designs, and multiple comparisons.

0· 34·0 current·0 all-time
byAIpoch@aipoch-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (advanced sample size & power calculations) match the included implementation (scripts/main.py) and the declared dependencies (numpy, scipy). The script implements t-tests, chi-square, survival (log-rank), ANOVA, non-inferiority helpers and dropout adjustment — all coherent with the stated purpose.
!
Instruction Scope
SKILL.md instructs the agent/user to run scripts/main.py and provides example usage, but several documented argument names and examples do not match the actual CLI implemented in scripts/main.py (e.g., SKILL.md examples show '--test ttest' or '--test survival' and table uses names like 'ttest'/'chi2', while main.py requires choices like 'ttest-ind','ttest-paired','chisq','survival','anova','noninf'). The documentation also flags 'Network Access' as High even though the packaged script contains no network calls. The SKILL.md asks to confirm inputs and sandboxing (good) but the runtime instructions are inconsistent and could lead to runtime errors or mis-invocation.
Install Mechanism
There is no install spec; this is instruction-plus-source. requirements.txt lists only numpy and scipy, which are reasonable and proportional to the computations performed. No downloads from untrusted URLs or extract operations are present.
Credentials
The skill requests no environment variables, no credentials, and no special config paths. This is appropriate for a local numerical script. (No evidence of hidden credential usage in code.)
Persistence & Privilege
The skill does not request 'always' presence and does not modify other skills or system settings. It runs as a standalone script and does not request elevated or persistent privileges.
What to consider before installing
This package appears to implement legitimate sample-size calculations, but there are multiple documentation⇄code mismatches and some missing input validation. Before installing or running it: 1) Review and reconcile SKILL.md examples with scripts/main.py argument names (use --help to confirm valid flags). 2) Install numpy/scipy in an isolated environment (venv/container). 3) Test edge cases (missing args, hazard_ratio <= 0, None effect sizes) because the script assumes required numeric inputs and may raise exceptions. 4) Confirm the non-inferiority path (main.py asks for sigma via API use; CLI just prints a message). 5) Ignore the SKILL.md 'Network Access: High' entry unless you add network code — the current script makes no network calls. 6) Run the script on non-sensitive sample data first and review outputs for correctness before using results in real study planning. If you need higher assurance, request the author to fix documentation mismatches and add explicit input validation and argument parsing checks.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ctxka1e06d1sacbx8x6t8qn83ym5g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments