ClawHub

ncbi-search

v1.0.1

Search NCBI databases using E-Utilities API (official, free). Supports multiple databases: PubMed (literature), Gene, Protein, Nucleotide, dbSNP, ClinVar, Ta...

0· 229·0 current·0 all-time
byPengside@side-peng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included code: scripts call NCBI E-Utilities (esearch, esummary, efetch) and implement intent detection for PubMed, Gene, Protein, dbSNP, ClinVar, taxonomy, etc. No unrelated services or credentials are requested.
Instruction Scope
SKILL.md instructs running the provided Python scripts and to set NCBI_API_KEY (optional). Instructions reference only user-specified files (PMID lists) and NCBI endpoints. Minor issues: SKILL.md/README claim "no external dependencies" while the code requires the third-party 'requests' library and the README shows pip install requests; there's also a small path typo in one example ("~/.agents/skill/" vs "~/.agents/skills/"). These are implementation/documentation inconsistencies but not malicious scope creep.
Install Mechanism
No install spec in the registry (instruction-only install). The project includes Python scripts and expects the 'requests' package; README suggests pip install requests. No downloads from arbitrary URLs or archive extraction are present. The lack of an explicit install step means users must manually ensure Python and dependencies are available.
Credentials
The only credential discussed is the optional NCBI_API_KEY (used to raise rate limits) and it is accessed via command-line arg or NCBI_API_KEY environment variable. No other secrets, unrelated environment variables, or config paths are requested.
Persistence & Privilege
Registry flags are default (always:false, user-invocable:true). The skill does not request persistent elevated privileges or modify other skills. It will perform network requests to NCBI when invoked; no autonomous always-on behavior is requested.
Assessment
This skill appears to do what it says: local Python scripts call NCBI E-Utilities and optionally use your NCBI API key for higher rate limits. Before installing: 1) Verify you have Python and install the 'requests' package (README shows pip install requests) — SKILL.md's "no external dependencies" claim is inaccurate. 2) Confirm you trust the skill source (source/homepage unknown). 3) If you plan heavy usage, create and set an NCBI API key to avoid throttling. 4) Review the included scripts yourself (they are short and readable) or run them in a sandboxed environment first. Finally, note the skill will make outbound network calls to NCBI (expected), but it does not request other credentials or access system-wide secrets.

Like a lobster shell, security has layers — review code before you run it.

latestvk972masya575tkg5b0syyh8t4s82thj7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments