ClawHub

Conflict Of Interest Checker

v0.1.4

Check for co-authorship conflicts between authors and suggested reviewers

0· 114·0 current·0 all-time
byAIpoch@aipoch-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the code and instructions: a local Python tool that compares authors and reviewers using publication records. It does not request unrelated credentials, binaries, or network access.
Instruction Scope
SKILL.md directs the agent/user to run the included script with author/reviewer lists or a CSV file. The instructions are scoped to the task and do not request external data. However the documentation's security checklist (e.g., path traversal protections) is not implemented in the script — the tool will open whatever CSV path you provide without validation.
Install Mechanism
No install spec; this is instruction-only plus a small included Python script. No third-party downloads or package installation are required.
Credentials
The skill declares no environment variables, credentials, or config paths and the code does not access any secrets or external service credentials.
Persistence & Privilege
Skill is not always-enabled and does not request persistent or elevated agent/system privileges. It only runs when invoked.
Assessment
This skill appears to do what it claims and is not requesting secrets or network access. Still, treat it as untrusted code: (1) Review the script first — it contains small bugs (e.g., demo data uses lists where the code expects sets and an institutional-check function references an undefined variable) that can cause crashes or unexpected behavior. (2) Run it in an isolated environment or sandbox and test with non-sensitive sample CSVs. (3) Do not point it at sensitive personal or production data until you add input-path validation and fix the bugs. (4) If you plan to integrate into a pipeline, add file-path sanitization (prevent ../ traversal), explicit CSV schema validation, and consider logging/output restrictions. If you want, I can suggest specific code fixes and tests.

Like a lobster shell, security has layers — review code before you run it.

latestvk970kpv4swye5fems3afpn3qtd832s3p

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments