ClawHub

Pubmed Edirect

v0.4.4

Search and retrieve literature from PubMed using NCBI's EDirect command-line tools. ⚠️ Advanced skill requiring manual installation.

4· 2.5k·10 current·10 all-time
byKGTAF@killgfat
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the actual requirements and behavior: the skill requires the EDirect binaries (esearch, efetch, elink, xtract, einfo, efilter) and provides documentation and scripts that invoke those tools. No unrelated binaries, services, or credentials are requested.
Instruction Scope
SKILL.md and the included docs/scripts confine instructions to installing, configuring, and running EDirect and to using OpenClaw's exec to run EDirect commands. The docs explicitly warn about reviewing installer scripts, avoiding piping remote scripts to shell, and recommend isolation. There are OpenClaw exec examples that run commands and save results to the agent workspace — expected for a local CLI integration. No instructions request reading unrelated system secrets or exfiltrating data to third-party endpoints.
Install Mechanism
There is no automated install spec — installation is manual and points to the official NCBI FTP/HTTP (ftp.ncbi.nlm.nih.gov / https://www.ncbi.nlm.nih.gov/books/NBK179288/). The docs explicitly instruct to download-and-review rather than piping to shell. This is a proportionate and lower-risk approach compared to blind downloads from untrusted servers.
Credentials
Only optional environment variables are documented (NCBI_API_KEY and NCBI_EMAIL) and they are appropriate for EDirect (rate-limiting and identification). The skill does not request unrelated secrets or config paths. The INSTALL.md does note that system package installation (Perl modules) may require sudo — that is a legitimate prerequisite for this toolchain but is a privilege escalation point you should manage consciously.
Persistence & Privilege
The skill does not request always:true or any ability to alter other skills or global agent configuration. It suggests adding EDirect to PATH and updating shell rc files only for the user, which is standard for CLI tools. OpenClaw integration examples create workspace files and cron jobs under the workspace; these are expected for automation but should be deliberately enabled by the user.
Assessment
This skill appears coherent and matches its stated purpose, but follow the documentation and good security hygiene before installing: review the official install-edirect.sh script you download (do not pipe remote scripts to bash), preferably test the installer in a container or VM, avoid running installers as root unless necessary, and audit the included scripts before running them. If you plan to use cron/automation in OpenClaw, limit workspace permissions and avoid storing sensitive credentials in shared shell rc files; store an NCBI API key only in a place you control and rotate it if needed. If you have low trust in the source of this registry entry, consider using a containerized ncbi/edirect image or perform installation on an isolated test environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bqh60pk9af2zybv70dprn7181d7f2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔬 Clawdis
Binsesearch, efetch, elink, xtract, einfo, efilter

Comments