3d Cog
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using the skill must provide a CellCog credential, so generated tasks may be associated with that account.
The skill requires a CellCog API key, which gives the integration authority to act under the user's CellCog account. This is expected for the stated service integration and is clearly disclosed.
requires:
bins: [python3]
env: [CELLCOG_API_KEY]Use a dedicated or least-privileged CellCog API key if available, keep it out of prompts and logs, and revoke it if you stop using the skill.
Prompts and any user-selected reference files may be processed by CellCog's remote service and returned asynchronously.
The skill uses CellCog chat tasks with an agent mode and an OpenClaw notification session key. This indicates communication between the local agent session and an external CellCog agent workflow.
result = client.create_chat(
prompt="[your task prompt]",
notify_session_key="agent:main:main",
task_label="my-task",
chat_mode="agent",
)Send only files and prompts you intend to share with CellCog, and review CellCog's privacy and retention terms for confidential product images or datasets.
The actual SDK or referenced CellCog skill may define important runtime behavior such as file handling, timeouts, and network calls.
The skill depends on an external CellCog SDK/skill that is not included in the provided artifact set. The dependency is disclosed and aligned with the purpose, but its provenance should be verified.
dependencies: [cellcog] For your first CellCog task in a session, read the **cellcog** skill for the full SDK reference
Install the CellCog SDK/skill only from a trusted source, verify package provenance, and review the referenced SDK documentation before sending sensitive files.