Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
journal-monitor-xch
v1.0.3
Professional journal monitoring tool. Features fuzzy journal recognition, mandatory bilingual titles, and optional 100-word English lay summaries.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (medium confidence)

Purpose & Capability
The code (monitor.py) calls NCBI Entrez to fetch PubMed articles and the SKILL.md describes fuzzy journal matching, summaries, and file output — this aligns with the stated 'journal monitoring' purpose. However, the SKILL.md includes an install hint for Biopython while the registry metadata lists no install spec; the skill requires the biopython package but does not declare it formally. Also monitor.py hard-codes an Entrez.email (a third‑party address) instead of using an agent/user-provided email or environment variable.
Instruction Scope
The runtime instructions require the agent to run the bundled script and then save a generated text file to the user's Desktop (Journal_Update_[YYYYMMDD].txt). The skill did not declare any required config paths for writing to the Desktop. Writing files to the user's Desktop and enforcing mandatory bilingual translations are within the functional scope, but instructions assume filesystem access and a specific Desktop path format (which may vary by OS) without declaring or validating that access.
Install Mechanism
There is no formal install spec in the registry, but SKILL.md contains a metadata.install entry 'uv pip install biopython' which appears malformed (extra 'uv') and is not a vetted install step. The script needs the biopython package (Bio.Entrez), so the missing/incorrect install instruction is an inconsistency that could lead an agent to run an unexpected shell command or fail at runtime.
Credentials
The skill requests no environment variables, which is reasonable, but monitor.py hard-codes Entrez.email to 'chenghan_xiao@hotmail.com' rather than using a declared env var. Hard-coding another person's email is unexpected (NCBI prefers contact info) and could be considered poor privacy hygiene. No API keys or elevated credentials are requested, which is proportionate.
Persistence & Privilege
The skill is not marked 'always' and uses normal autonomous invocation defaults. It does instruct the agent to write a file to the user's Desktop, but it does not request persistent installation or modify other skills/configs. This level of privilege is typical for a user-invoked utility.
What to consider before installing
Things to consider before installing or running this skill:
- The tool does what it claims (queries PubMed) but the SKILL.md contains a malformed install hint ('uv pip install biopython'). Confirm and install Biopython yourself (e.g., pip install biopython) before running, or fix the install instruction.
- monitor.py hard-codes Entrez.email to someone else's address. Replace that with your email or an ENTREZ_EMAIL environment variable to comply with NCBI contact expectations and to avoid using another person's contact info.
- The skill saves output to the user's Desktop without declaring a config path. Verify the agent has explicit permission to write to that location and confirm the path logic is correct for your OS (Desktop path differs on Linux/macOS/Windows).
- The code does not use an NCBI API key; for frequent use you may want to add one to avoid rate limits. That would require adding a declared env var if you allow the skill to use it.
- The mismatches (missing formal install spec, malformed command, hard-coded email) look like sloppy engineering rather than clearly malicious behavior, but they increase risk. If you intend to use it, review or run the script in a sandbox, fix the install and email handling, and verify the exact file writes it performs.
Runtime requirements
Platform: Clawdis
Bins: python3
