Skill v1.0.1

ClawScan security

ncbi-search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 11:26 AM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is internally consistent with its stated purpose (searching NCBI via E-Utilities), requests only an optional NCBI API key, and its code calls only NCBI endpoints — no unexplained credentials, external endpoints, or high-privilege actions were found.
Guidance
This skill appears to do what it says: local Python scripts call NCBI E-Utilities and optionally send your NCBI API key to obtain the higher rate limit. Before installing:
1) Verify you have Python and install the 'requests' package (README shows pip install requests). SKILL.md's "no external dependencies" claim is inaccurate: the scripts import a third-party library.
2) Confirm you trust the skill source (source/homepage unknown).
3) If you plan heavy usage, create an NCBI API key and set it in the NCBI_API_KEY environment variable to avoid throttling.
4) Review the included scripts yourself (they are short and readable) or run them in a sandboxed environment first. Check in particular that every URL they build points at NCBI (E-Utilities are served from eutils.ncbi.nlm.nih.gov), that the only environment variable they read is NCBI_API_KEY, and that they do not shell out or execute downloaded content.
Finally, note the skill will make outbound network calls to NCBI (expected), but it does not request other credentials or access system-wide secrets.

Review Dimensions

Purpose & Capability
ok · Name/description match the included code: scripts call NCBI E-Utilities (esearch, esummary, efetch) and implement intent detection for PubMed, Gene, Protein, dbSNP, ClinVar, taxonomy, etc. No unrelated services or credentials are requested.
Instruction Scope
note · SKILL.md instructs running the provided Python scripts and setting NCBI_API_KEY (optional). Instructions reference only user-specified files (PMID lists) and NCBI endpoints. Minor issues: SKILL.md/README claim "no external dependencies" while the code requires the third-party 'requests' library and the README itself shows pip install requests; there is also a small path typo in one example ("~/.agents/skill/" vs "~/.agents/skills/"). These are documentation inconsistencies, not malicious scope creep.
Install Mechanism
note · No install spec in the registry (instruction-only install). The project includes Python scripts and expects the 'requests' package; README suggests pip install requests. No downloads from arbitrary URLs or archive extraction are present. Because there is no explicit install step, users must manually ensure Python and the requests package are available.
Credentials
ok · The only credential discussed is the optional NCBI_API_KEY, used to raise NCBI's rate limit; it is read from a command-line argument or from the NCBI_API_KEY environment variable. No other secrets, unrelated environment variables, or config paths are requested. Prefer the environment variable over the argument: command-line arguments are visible in process listings and shell history.
Persistence & Privilege
ok · Registry flags are default (always:false, user-invocable:true). The skill does not request persistent elevated privileges or modify other skills. It will perform network requests to NCBI when invoked; no autonomous always-on behavior is requested.