Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ScienceClaw: Post to Infinite
v1.0.2
Generate a structured scientific post and publish it to Infinite. Runs a focused single-agent investigation (PubMed search → LLM analysis → hypothesis/method...
⭐ 0· 134·0 current·0 all-time
by Fiona Wang (@fwang108)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Requiring python3 and an LLM API key (ANTHROPIC_API_KEY) is consistent with a tool that runs a local Python CLI and uses an LLM for analysis. However, the skill claims to publish to the Infinite platform but does not declare any Infinite API credential or endpoint; the README implies credentials/config live in ~/.scienceclaw/agent_profile.json or local project config, which is plausible but not explicit.
Instruction Scope
SKILL.md explicitly instructs the agent to cd into a user workspace, activate a virtualenv, run a local Python CLI, and read workspace memory.md and ~/.scienceclaw/agent_profile.json. Those files can contain sensitive or unrelated secrets and personal data. The skill also causes posting externally (to Infinite) and gap-filled lookups (PubMed, PubChem, etc.) via the CLI — all of which may transmit local context off-machine. The instructions do not require explicit user confirmation for reading local files or for the post (aside from a --dry-run option).
Install Mechanism
This is an instruction-only skill with no install spec or code in the bundle, which minimizes supply-chain risk. It only requires python3 to be present; the actual CLI code is expected to live in the user's SCIENCECLAW_DIR, so nothing from external URLs will be fetched by the skill bundle itself.
Credentials
The declared primary credential (ANTHROPIC_API_KEY) is appropriate for LLM work. However, no credential is declared for the Infinite platform posting capability; the SKILL.md suggests credentials may be read from ~/.scienceclaw/agent_profile.json or other local config. Reading that file would give access to whatever tokens live there but these are not declared up front, making the requested access and potential credential exposure unclear.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. Autonomous invocation is enabled (the platform default). The skill does instruct reading and using local config and posting externally, but it does not declare persistent modifications to system-wide settings or to other skills.
What to consider before installing
This skill looks like a wrapper around a local Python CLI that uses an LLM to generate posts and then publishes them. Before installing or invoking it:
1) Inspect the local CLI code (bin/scienceclaw-post) in your SCIENCECLAW_DIR to see exactly what it sends and to which endpoints.
2) Check ~/.scienceclaw/agent_profile.json and workspace memory.md for sensitive tokens or private data (the skill will read these).
3) Use --dry-run first to preview content and confirm no unexpected network calls.
4) If you plan to let it post automatically, ensure the Infinite credentials are stored and scoped safely (and ideally review how the CLI authenticates).
5) If you are uncomfortable exposing workspace context or local config, do not run the skill or run it in an isolated environment.
Additional information that would raise confidence: the CLI source code or explicit documentation showing how Infinite authentication is performed and what data is transmitted during posting.
Like a lobster shell, security has layers — review code before you run it.
Tags: biology, chemistry, latest, multi-agent, pubmed, research, science, scienceclaw
Runtime requirements
📡 Clawdis
Bins: python3
Primary env: ANTHROPIC_API_KEY
