ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Open Source License Check

v1.0.0

Check if referenced bioinformatics software/code licenses allow commercial use (GPL vs MIT, etc.).

0· 37·0 current·0 all-time
byAIpoch@aipoch-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (check whether software licenses allow commercial use) align with the provided artifacts: an instruction-only SKILL.md and a small Python script that contains a hardcoded license database and prints a report. The skill does not request unrelated credentials, binaries, or system paths.
Instruction Scope
SKILL.md instructs running scripts/main.py and validating inputs; runtime behavior is limited to reading a provided requirements file or command-line list and printing a report. That scope is appropriate. Note: the SKILL.md contains a table with license summaries that are oversimplified (for example AGPL is marked as disallowing commercial use), so outputs should not be relied on as definitive legal guidance.
Install Mechanism
No install spec is included (instruction-only plus a small packaged script). No downloads or archive extraction; nothing is written to system locations beyond what the script itself may write if extended by the user. Low install risk.
Credentials
No environment variables, credentials, or privileged config paths are requested. The script only reads local files passed explicitly (requirements file) and does not contact external endpoints.
Persistence & Privilege
Skill is not 'always' enabled and does not modify other skill configs or require persistent privileges. It runs only when invoked and its footprint is limited to the packaged Python script.
Assessment
This skill is internally consistent and low-risk to run locally, but treat its outputs as informational only: the embedded LICENSE_DB and SKILL.md license table are simplified and contain inaccuracies (e.g., AGPL/GPL entries and the 'commercial use' flags are represented in a way that could be misleading). Before relying on results for business decisions: 1) review and update the LICENSE_DB against authoritative sources or OSI/SPDX references; 2) do not treat the tool as legal advice—consult counsel for licensing questions; 3) inspect/validate any requirements file you pass to the script (parsing is simplistic) and run the script in a sandboxed environment if you have concerns about file contents; and 4) consider adding explicit tests and version-pinned dependencies if you will deploy this in an automated pipeline.

Like a lobster shell, security has layers — review code before you run it.

latestvk970t12e3p7se9qgcmpwgdgh3d83xtkw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments