Aetherlang Karpathy Skill
Review
Audited by ClawScan on May 10, 2026.
Overview
This is a disclosed hosted API connector, but its public API includes server-side persistent memory and broad remote execution features that users should review before use.
Review before installing. Use this skill only if you are comfortable sending queries and flow definitions to the hosted AetherLang/NeuroDoc API. Avoid secrets and personal data, avoid or tightly limit the memory node, use unique non-sensitive namespaces, and confirm any non-example tool URL before running a flow.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Information stored through the memory node may persist on the provider's server and may be reusable in later executions; if namespaces are guessable or shared, private or incorrect information could be exposed or reused.
The skill offers server-side persistent memory on a public unauthenticated API, but only describes namespace scoping and does not explain retention, access control, user isolation, or how stored data is protected from later recall or poisoning.
Auth: None required (public API) ... memory — Persistent State ... Store/recall data across executions (server-side, scoped to namespace).
Avoid storing secrets, personal information, or sensitive preferences. Use unique non-sensitive namespaces, clear memory when finished, and ask the provider for retention and isolation details before relying on this feature.

Anything included in the query or flow code is sent to api.neurodoc.app for processing.
The skill clearly discloses that user queries and flow code are sent to the hosted endpoint, creating a third-party data flow.
This skill sends your query and flow code to the API and returns results.
Do not include secrets, private documents, or unnecessary personal information in queries or flow code unless you are comfortable sending them to the provider.

A flow could cause the hosted service to contact external URLs and possibly send data in the request.
The hosted flow can make URL calls chosen in the flow code. The warning and confirmation instruction are helpful, but the capability is still broad and should be used carefully.
The `tool` node calls public REST URLs you specify. Only use trusted, public APIs. Never pass credentials or private URLs as `tool` parameters. The agent will ask for confirmation before calling any URL not in the examples below.
Confirm every non-example URL, use only trusted public APIs, and never include credentials, tokens, internal network addresses, or private data in tool URLs or parameters.

Flow code may cause the provider's server to run Python in its sandbox; results and inputs are processed remotely.
The skill includes code execution, but it is disclosed as server-side and central to the AetherLang node-execution purpose rather than hidden local execution.
code_interpreter — Real Math ... Sandboxed Python execution on the server.
Treat the sandboxing claim as a provider assurance, avoid submitting sensitive code or data, and review outputs before acting on them.

You must rely on the hosted service's claims for security properties that are not verifiable from the supplied artifacts.
There is no local package to inspect and the hosted backend source is not provided, so the reviewer cannot verify the implementation of the sandbox, memory isolation, or API behavior.
Source: unknown ... No code files present — this is an instruction-only skill.
Use the skill only if you trust the provider, and avoid sensitive workloads unless the provider documents its backend security, data retention, and isolation controls.
