PMC Harvest
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your literature search terms and requested PMC IDs are sent to NCBI/PMC, and returned article data may be printed or used by the agent.
The code sends user search terms and PMCID requests to external NCBI/PMC APIs. This is expected for the stated purpose and is clearly disclosed.
const EUTILS_BASE = 'https://eutils.ncbi.nlm.nih.gov/entrez/eutils'; const OAI_BASE = 'https://pmc.ncbi.nlm.nih.gov/api/oai/v1/mh/';
Use it for public literature retrieval, avoid sensitive unpublished query terms if that matters to you, and follow NCBI rate-limit guidance.
It is harder to independently verify the maintainer, update history, or upstream repository for this skill.
The registry metadata does not provide an upstream source or homepage, so provenance is limited even though the full code is included and no external install step is shown.
Source: unknown Homepage: none
Review the included code before installing and pin or re-review the exact version before using it in automated pipelines.