v1.0.0

pubmed2blog

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:41 AM.

Analysis

The skill is mostly aligned with turning PubMed papers into blog posts, but it instructs agents to set up recurring cron-based content generation without clear user approval, scope, or disable controls.

Guidance: Before installing, verify the npm package and only run setup with provider API keys you are comfortable using. Do not allow the agent to create cron schedules unless you explicitly want recurring content generation and know how to disable it.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
5. Schedule via cron for regular content generation

This tells an agent to create recurring background execution, but the artifact does not require explicit user approval, define a schedule, constrain outputs, or explain how to disable the job.

User impact: The agent could set up ongoing content generation that continues after the original task, potentially consuming API credits or creating unwanted files/content.
Recommendation: Only create cron jobs after explicit user confirmation, with a clear schedule, destination, cost expectations, and removal instructions.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
install: npm install -g pubmed2blog

The skill depends on a globally installed npm package that is not included in the reviewed artifacts and is not pinned to a version.

User impact: Installing the package may execute third-party code from npm, and a future package version could behave differently from what the skill describes.
Recommendation: Verify the npm package publisher and source, pin a trusted version, and prefer installing in an isolated environment.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
Interactive setup for API keys and preferences... Supports Anthropic, OpenAI, and Z.AI providers.

The skill expects users to configure LLM provider API keys, which can grant account usage and incur costs, even though no credentials are declared in the registry metadata.

User impact: Provider API keys may allow the CLI to send prompts to external services and spend account credits.
Recommendation: Use restricted provider keys where possible, review where keys are stored, and monitor provider usage.