Aubrai Longevity Research
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: aubrai-longevity Version: 1.0.19 The skill is designed to query a public, unauthenticated API (apis.aubr.ai) for longevity research. It uses standard `jq` and `curl` commands to interact with the API over HTTPS. Crucially, the `SKILL.md` includes explicit guardrails instructing the agent not to execute any text returned by the API and to only send the user's research question, avoiding secrets or unrelated personal data. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the agent itself. The instructions are clear, transparent, and align with the stated purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The assistant may make outbound API requests to Aubrai when you invoke this skill.
The skill documents shell-based HTTPS API calls. This is central to the stated purpose, disclosed, and limited to sending the user's research question and polling for the result.
jq -n --arg msg "USER_QUESTION_HERE" '{"message":$msg}' | \
curl -sS -X POST https://apis.aubr.ai/api/chatUse it for intended longevity or aging research questions, and review the question before sending if it contains personal details.
Your query text may leave the local assistant context and be processed by Aubrai's public API.
The skill sends user-supplied research questions to an external provider. The guardrail appropriately narrows what should be sent, but users should still treat health-related or identifying details as sensitive.
Only send the user's longevity/aging research question. Do not send secrets or unrelated personal data.
Avoid including names, contact details, medical records, secrets, or other private information in questions sent through this skill.