Fold
Review
Audited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (base64-block); human review is required before treating this skill as clean.
This skill looks reasonable for FastFold use. Before using it, be comfortable sending your sequences and job parameters to FastFold, keep your API key only in a local uncommitted .env file, avoid overriding the API base URL unless you trust it, and verify any public-job setting before submission. ClawScan detected prompt-injection indicators (base64-block), so this skill requires review even though the model response was benign.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who obtains the key could submit FastFold requests as the user and potentially consume quota.
The skill uses a FastFold API key with account authority. This is expected for the stated API integration, but users should treat the key as a real credential.
Scripts read `FASTFOLD_API_KEY` from local `.env` or environment. ... anyone with the key can make requests on your behalf.
Use a revocable FastFold key, keep .env out of version control, rotate the key if exposed, and declare FASTFOLD_API_KEY in the skill metadata.
Protein sequences and job parameters are sent to FastFold, and job creation may use account quota. Jobs can also be made public if the public option or payload field is used.
The script posts user-provided sequence data to the FastFold Jobs API, which is central to the skill's purpose but is still an external side effect.
`"sequences": [{"proteinChain": {"sequence": sequence}}], ... method="POST"`
Review the sequence payload and any `isPublic` or `--public` setting before creating a job.
If the base URL is overridden to an untrusted or plain-HTTP endpoint, the FastFold API key is sent as a bearer token to whatever server answers at that address.
Authenticated requests are sent to the configured base URL. The default is the official FastFold API, but users should be cautious when overriding it.
`ap.add_argument("--base-url", default="https://api.fastfold.ai", help="API base URL") ... headers = {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}`
Use the default FastFold API URL unless you intentionally trust a test endpoint, and require HTTPS for authenticated calls; over plain HTTP the bearer token is exposed in transit.
Setup may fail because the referenced template .env file is missing, leaving the agent or the user to create one manually.
The instructions reference an .env example file, but the provided file manifest does not include `references/.env.example`, so the setup path is incomplete or ambiguous.
Copy `skills/fold/references/.env.example` to `.env` at the **workspace (project) root**.
Add the referenced `.env.example` file or update the instructions to create a minimal `FASTFOLD_API_KEY=` file without overwriting any existing .env.
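As an added example (not the skill's own code and not produced by ClawScan), the following Python sketches the checks the four findings recommend together: loading `FASTFOLD_API_KEY` from the process environment or an uncommitted .env, a base-URL guard that only sends the bearer token over HTTPS unless a local test endpoint is explicitly allowed, an `isPublic` field that is emitted only when the caller asks for it, a preflight summary to review before the POST, and a .env template that never overwrites an existing file. Only the credential name, the default URL, the header shape and the payload shape come from the audit; the function names, the `allow_insecure` switch, the localhost allowance and the amino-acid alphabet check are assumptions.

```python
"""Added example: guard rails for a FastFold-style job submitter (not the audited skill's code)."""
import os
import re
import tempfile
from pathlib import Path
from urllib.parse import urlsplit

ENV_VAR = "FASTFOLD_API_KEY"                    # credential name from the audit
OFFICIAL_BASE_URL = "https://api.fastfold.ai"   # default quoted in the audit
AMINO_ACIDS = re.compile(r"[ACDEFGHIKLMNPQRSTVWY]+")  # assumption: 20 standard residues only


def parse_env_text(text):
    """Parse KEY=value lines from a .env file; comments, blanks and malformed lines are ignored."""
    values = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("export "):
            line = line[len("export "):]
        key, sep, value = line.partition("=")
        key = key.strip()
        if not sep or not re.fullmatch(r"[A-Za-z_][A-Za-z0-9_]*", key):
            continue
        values[key] = value.strip().strip("'\"")
    return values


def load_api_key(environ, env_text=""):
    """The process environment wins over the local .env; an empty value does not count as a key."""
    key = environ.get(ENV_VAR) or parse_env_text(env_text).get(ENV_VAR, "")
    if not key:
        raise RuntimeError(f"{ENV_VAR} is not set; put it in an uncommitted .env or the environment")
    return key


def validate_base_url(url, allow_insecure=False):
    """Refuse to send the bearer token anywhere but an https host, unless a local test server
    is explicitly allowed (hypothetical --allow-insecure switch, not in the audited script)."""
    parts = urlsplit(url)
    if parts.scheme == "https" and parts.hostname:
        return url.rstrip("/")
    if allow_insecure and parts.scheme == "http" and parts.hostname in ("localhost", "127.0.0.1"):
        return url.rstrip("/")
    raise ValueError(f"refusing to send {ENV_VAR} to {url!r}: use an https base URL")


def auth_headers(api_key):
    """Header shape quoted in the audit."""
    return {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}


def build_job_payload(sequence, public=False):
    """Payload shape quoted in the audit; isPublic is emitted only when the caller asks for it,
    so a job is never made public by a defaulted field."""
    seq = sequence.strip().upper()
    if not AMINO_ACIDS.fullmatch(seq):
        raise ValueError("sequence contains characters outside the standard amino-acid alphabet")
    payload = {"sequences": [{"proteinChain": {"sequence": seq}}]}
    if public:
        payload["isPublic"] = True
    return payload


def preflight(base_url, payload):
    """What a human should look at before the POST: where it goes and whether it is public."""
    return {
        "host": urlsplit(base_url).hostname,
        "public": bool(payload.get("isPublic", False)),
        "residues": sum(len(s["proteinChain"]["sequence"]) for s in payload["sequences"]),
    }


def ensure_env_template(path):
    """Create a minimal .env with an empty key; never overwrite an existing file. True if created."""
    p = Path(path)
    if p.exists():
        return False
    p.write_text(f"{ENV_VAR}=\n")
    return True


if __name__ == "__main__":
    workdir = Path(tempfile.mkdtemp())           # constructed workspace, so the demo touches nothing real
    env_file = workdir / ".env"
    print("template created:", ensure_env_template(env_file))
    print("template created again:", ensure_env_template(env_file))   # existing file is kept
    env_file.write_text(f"{ENV_VAR}=ff_test_key_do_not_commit\n")      # constructed credential
    key = load_api_key(os.environ, env_file.read_text())
    base = validate_base_url(OFFICIAL_BASE_URL)
    payload = build_job_payload("MKTAYIAKQRQISFVKSHFSRQ")              # constructed sequence
    print(preflight(base, payload), auth_headers(key)["Content-Type"])
    try:
        validate_base_url("http://api.fastfold.ai")
    except ValueError as exc:
        print("blocked:", exc)
```

The point of `preflight` is that the reviewer sees the destination host and the public flag in one place before anything is sent; the base-URL guard fails closed, so a typo or a malicious override produces an error rather than a leaked bearer token.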
