ClawHub

Nutrigenomics

v0.3.1

Generate a personalised nutrition report from your genetic data (23andMe, AncestryDNA, or VCF). Analyses 40+ genes affecting nutrient metabolism, absorption,...

1· 418·0 current·0 all-time
byDavid de Lorenzo@drdaviddelorenzo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the actual code and manifest: modules parse genetic files, extract SNP genotypes, score variants and generate a report/figures. Required binary (python3) and declared Python package dependencies are proportional to a local data-processing/notebook-like analysis tool. No unrelated services, credentials, or system-level access are requested.
Instruction Scope
SKILL.md and openclaw_adapter show the runtime behaviour is limited to parsing a user-supplied genetic file, analysing a curated SNP panel, writing a report/figures and producing reproducibility artefacts. There are explicit privacy notes claiming no external transmission and no copying/checksumming of the input file. The adapter only prints/logs messages and returns metadata; it does not call network endpoints in the reviewed code.
Install Mechanism
No install spec is provided (instruction-only), yet the package contains multiple Python modules and a requirements.txt. This is not malicious, but practical: the runtime requires Python 3.11+ and the listed packages (pandas, numpy, matplotlib, seaborn, reportlab). Ensure these dependencies are installed in a controlled environment before running. Absence of an automated install step means the platform or operator must manage dependencies; this is an operational (not security) nuance.
Credentials
The skill requests no environment variables or credentials. The declared dependencies are typical for local data analysis. No secret-like env vars are required and no configuration paths beyond the skill directory are declared. Path-safety checks are present in the codebase (path_safety module is referenced) which aligns with the stated purpose.
Persistence & Privilege
The adapter creates a timestamped output directory under the working directory and explicitly documents that output files persist until manually deleted. always:false and normal autonomous invocation behaviour are used. One point to review before install: the reproducibility bundle function is passed the input file path (create_reproducibility_bundle(input_file=...)), and although changelogs state the input filename and input hash are intentionally excluded from the bundle, you should verify the repro_bundle implementation to confirm it does not record or checksum the raw input.
Assessment
This skill looks like what it says: a local Python-based tool that parses consumer genetic files and produces a nutrition-oriented report. Before installing or running it: (1) ensure you run it in a secure, offline or controlled environment because it processes highly sensitive genetic data; (2) install the declared Python dependencies in a virtualenv/conda environment (requirements.txt lists pandas, numpy, matplotlib, seaborn, reportlab); (3) confirm the reproducibility bundle implementation does not copy or checksum the raw input (the changelog asserts input filenames/hashes are excluded, but you should inspect repro_bundle.py to be certain); (4) be aware output files persist under the working directory—delete the timestamped output folder after download to avoid leaving sensitive files on disk; (5) review path_safety.py (present in the package) to confirm it enforces allowed input extensions and prevents path traversal in your deployment. If you want higher assurance, run the code on a disposable VM and inspect generated artefacts before using with real genetic data.

Like a lobster shell, security has layers — review code before you run it.

geneticsvk97dzvce486wr0vh21k04235m5823a40healthvk97dzvce486wr0vh21k04235m5823a40latestvk97fqm1h05ga608vqzjejjh1vs848v9snutrigenomicsvk97dzvce486wr0vh21k04235m5823a40nutritionvk97dzvce486wr0vh21k04235m5823a40

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧬 Clawdis
Binspython3

Comments