ClawHub

Pathology ROI Selector

v1.0.0

Use pathology roi selector for data analysis workflows that need structured execution, explicit assumptions, and clear output boundaries.

0· 47·0 current·0 all-time
byAIpoch@aipoch-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, SKILL.md and the included script all align: this is a local pathology ROI selector script. The skill does not request unrelated credentials or binaries. Note: the packaged Python implementation is a simple placeholder that returns mocked ROI results rather than performing real WSI image analysis; this is a capability mismatch (not a security one).
Instruction Scope
SKILL.md confines actions to running the packaged script and validating inputs before execution. It does not instruct reading unrelated files or env vars. However, the documentation claims input validation and path traversal protections while the provided script performs no input/path validation or sandboxing; that gap may lead to accidental file overwrite or processing of unintended files.
Install Mechanism
No install spec is present and there are no downloads. The skill is instruction-only with a local Python script included — minimal install risk.
Credentials
The skill requests no environment variables or credentials and the code does not access external secrets or network. The requested environment is proportional to the stated local processing purpose.
Persistence & Privilege
The skill is not always-loaded and does not modify agent/system configuration. It runs only when invoked; no elevated persistence or cross-skill configuration changes are requested.
Assessment
This skill appears coherent and not malicious, but take these precautions before using it: - Review the included scripts/main.py yourself (it currently returns mocked ROIs) and do not rely on it for clinical decisions. - Run the script in a sandboxed environment or test workspace first to avoid accidental overwrites (it writes the output path as provided without validation). - Do not run this on sensitive or PHI-containing images until you verify behavior and add proper data handling controls. - If you need real WSI processing, expect to add proper image-processing libraries and pin dependencies; the package currently lists none and is a draft. - Consider adding input path validation, output directory restrictions, and error sanitization before automating execution. - If you want higher assurance, request a version that implements the actual image-analysis logic and includes dependency/version manifests and unit tests.

Like a lobster shell, security has layers — review code before you run it.

latestvk974ngjqfj0hkefs7xnsc8svbh83x6ry

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments