scellrun

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill appears legitimate for single-cell analysis, but it asks the agent to log into data machines and set up/run software without clear boundaries for credentials, targets, or approval.

Use this only after confirming the exact machine, dataset path, account, working directory, and environment the agent may touch. Prefer a dedicated least-privilege account and isolated virtual environment, verify the scellrun package/version, and protect generated reports and override files because single-cell or clinical datasets can be sensitive.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could run commands or change software environments on a remote data system beyond what the user expected.

Why it was flagged

This instructs broad remote shell use, environment setup, and command execution, but the visible artifact does not define host/path limits, approval checkpoints, or containment for changes.

Skill content

You will ssh to wherever the data lives, set up an env, run scellrun, read the artifacts it writes

Recommendation

Before use, require explicit confirmation of the target host, data path, working directory, virtual environment, and any install or force/re-run commands.

Concern
Medium Confidence
ASI03: Identity and Privilege Abuse

What this means

A user may unintentionally delegate access to sensitive research or clinical systems without a clear credential boundary.

Why it was flagged

SSH access normally relies on user accounts or keys, but the registry declares no primary credential and the visible instructions do not bound which credentials or privileges the agent may use.

Skill content

You will ssh to wherever the data lives

Recommendation

Use a least-privilege account, avoid shared admin credentials, and have the agent ask before connecting to any remote system.

What this means

The user could install or upgrade an external package that was not reviewed in these artifacts.

Why it was flagged

The skill depends on an external package install/upgrade, while the supplied artifacts show no install spec or package pinning. This is purpose-aligned but leaves provenance verification to the user.

Skill content

Tell the user `pip install --upgrade scellrun` and re-run.

Recommendation

Verify the scellrun package source, pin an expected version, and install it in an isolated environment.

What this means

If an override file is tampered with or reused without review, future analysis conclusions could change.

Why it was flagged

The workflow persists review overrides that can later be consumed by `analyze --apply-overrides`, so stored files can influence future labels, exclusions, and thresholds.

Skill content

`scellrun review` (Flask UI on 127.0.0.1 for human-in-the-loop overrides; saves `<run-dir>/06_views/review_overrides.json`)

Recommendation

Protect run directories, review override files before applying them, and keep provenance for any human edits.