ClawHub

Personal Genomics

v4.2.0

Analyze raw DNA data from consumer genetics services (23andMe, AncestryDNA, etc.). Extract health markers, pharmacogenomics, traits, ancestry composition, ancient DNA comparisons, and generate comprehensive reports. Uses open-source bioinformatics tools locally — no data leaves your machine.

3· 2.6k·3 current·3 all-time
by@wkyleg
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (personal genomics, local analysis) align with the included Python analysis modules, marker databases, report generation, dashboard, and supported file formats. Required env vars, binaries, and config paths in the registry are empty — consistent with a pure-Python local tool. The README references a GitHub repository (https://github.com/wkyleg/personal-genomics.git) while the registry entry lists source/homepage as unknown/none; that's a minor metadata mismatch but does not contradict the functionality.
Instruction Scope
SKILL.md and code instruct the agent to load local DNA files and write reports to ~/dna-analysis/reports/. The instructions and visible code focus on parsing genotyping files, marker lookup, PRS, haplogroups, and PDF/dashboard generation. I saw no instructions to read unrelated system files or to send data externally. The code references optional local data like AADR (ancient-dna) with explicit instructions for the user to download it separately rather than auto-download.
Install Mechanism
The registry contains no install specification (instruction-only), but README suggests cloning a GitHub repo and pip installing requirements.txt (or using 'clawhub install'). That implies fetching code and Python packages from the network during installation. The skill claims 'zero network requests' at runtime; that claim appears to refer to analysis execution, not to installation. Confirm requirements.txt and pip packages before installing to ensure no unexpected post-install steps or network activity.
Credentials
The skill requests no environment variables or external credentials. It creates and writes reports to a directory under the user's home (~/dna-analysis/reports/) which is expected for this functionality. Because outputs contain highly sensitive genetic/health information, this filesystem access is appropriate but privacy-sensitive — the behavior is proportionate to the stated purpose.
Persistence & Privilege
The skill is not marked 'always: true' and uses default model invocation settings. It does create files under the user's home (reports, dashboard, agent_summary.json) but does not request persistent platform-level privileges or modify other skills. Autonomous invocation is allowed by default on the platform; combine that with sensitive-data access only if the agent is permitted to read user DNA files. No evidence the skill attempts to persist credentials or change other skills' configurations.
Assessment
This package appears to implement local DNA analysis as described, but take these precautions before installing or running it: - Verify the source: README points to a GitHub repo but the registry lists no homepage. If you plan to run it, inspect the full repository (requirements.txt and all source files) yourself or from a trusted reviewer. - Check requirements.txt and installed packages: pip installs will fetch code from the network. Review dependency list for anything unexpected (native binaries, telemtry libraries, or post-install hooks). - Search the code for network/system calls you didn't expect (look for imports or uses of requests, urllib, socket, subprocess, os.system, ftplib, smtplib, or any hardcoded URLs). The truncated files shown do not include network calls, but 67 files were omitted; review those too. - Run in an isolated environment: use a throwaway VM or container and a dedicated Python virtualenv when first executing, especially before feeding real DNA files. - Protect outputs: reports contain extremely sensitive genetic and health data. Ensure the output directory is encrypted or access-controlled, and avoid uploading reports to third-party services. - Consider professional guidance: results are explicitly non-clinical. For medical decisions, consult a clinician/genetic counselor. If you want higher confidence, provide the omitted files or the contents of requirements.txt so I can re-scan for hidden network calls or executables.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ajvv8pfj7yezhrb6tz0dwb980qpns

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments