Precision Oncology Zhcn
PassAudited by ClawScan on May 13, 2026.
Overview
This is a coherent oncology research skill, but it requires connecting a PatSnap MCP service with an API key and will make external lookup calls during use.
Before installing, confirm that you intend to use PatSnap’s MCP service, create a dedicated API key, and avoid submitting confidential patient or business information unless your policies allow it. The artifacts show no code execution or destructive behavior, but the skill depends on external provider calls and persistent MCP configuration.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone with access to the configured MCP URL or command history could potentially see or misuse the API key, depending on local configuration and account controls.
The skill requires a PatSnap API key and places it in the MCP connection URL. This is expected for the PatSnap integration, but the API key is a sensitive credential.
登录 https://open.patsnap.com ,进入 **API Keys**,创建一个新 Key。 ... "https://connect.patsnap.com/096456/logic-mcp?apiKey=sk-xxxxxxxxxxxx"
Use a dedicated PatSnap API key with the least necessary permissions, avoid sharing terminal logs or config files, and rotate or revoke the key if it may have been exposed.
Research questions and tool calls may be sent to PatSnap’s MCP service, so confidential patient, business, or unpublished research details could leave the local agent environment.
The skill connects Claude Code to a remote PatSnap MCP service. This is clearly disclosed and aligned with the skill purpose, but it creates an external provider data boundary.
claude mcp add --transport http pharma_intelligence \ "https://connect.patsnap.com/096456/logic-mcp?apiKey=sk-xxxxxxxxxxxx"
Review PatSnap’s terms and your organization’s data-sharing rules before submitting confidential or regulated information through this skill.
Using the skill may consume API quota or create provider logs even before the substantive user question is answered.
The skill mandates an MCP tool call before processing each loaded query. The check is fixed and read-only, but it is still an automatic external API call.
**每次技能加载后、处理任何用户查询之前,必须先执行以下自检。** ... 使用 `ls_target_fetch` 按名称查询 EGFR
Install this skill only if you are comfortable with a PatSnap connectivity check occurring when the skill is used, and monitor API usage if quotas or costs matter.