NoahAI medical conference query
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a coherent read-only Noah API search skill, but it requires a Noah API token and sends search queries to noah.bio.
This skill looks safe to use for its intended purpose if you trust Noah’s API service. Before installing, make sure you are comfortable providing a NOAH_API_TOKEN and sending your conference or medical-research search terms to noah.bio.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing and using the skill gives it access to the Noah API under the token you provide.
The skill uses a bearer token from an environment variable to authenticate API requests. This is disclosed and purpose-aligned, and the code shown does not print the token.
api_token = os.environ.get("NOAH_API_TOKEN", "").strip()
headers = {
"Content-Type": "application/json",
"Authorization": f"Bearer {api_token}",
}Use a token intended for this service, avoid exposing it in chat or logs, and rotate or revoke it if it is no longer needed.
Search terms such as drugs, diseases, authors, institutions, and conference names are sent to noah.bio to produce results.
The script sends the presentation search payload to an external Noah API endpoint. This matches the skill’s stated search purpose, but it is still a remote data flow users should notice.
API_URL = "https://www.noah.bio" ENDPOINT = "/api/skills/conference_presentation_search/" ... response = requests.post(url, headers=headers, json=payload, timeout=30, allow_redirects=False)
Use the skill only for queries you are comfortable sending to Noah’s service, and check the provider’s data handling terms if the query is sensitive.