Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

PubMed Review

v1.0.1

A Feishu natural-language-triggered PubMed literature search and AI review generation system. Supports professional search-expression expansion, qualifier filtering, AI structured reviews (brief + full), Feishu notifications, and follow-up question answering.


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for crayfish-ai/pubmed-review.

Install the skill "PubMed Review" (crayfish-ai/pubmed-review) from ClawHub.
Skill page: https://clawhub.ai/crayfish-ai/pubmed-review
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install pubmed-review

ClawHub CLI


npx clawhub@latest install pubmed-review
Security Scan
VirusTotal: Benign (View report →)
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's code and scripts implement PubMed E-utilities search, abstract parsing, LLM-based summarization, task queuing, and Feishu notification — which matches the name/description. However, registry metadata at the top of the package listing claims "Required env vars: none" while SKILL.md and skill.json require MINIMAX_API_KEY (sensitive). There are also small metadata mismatches (published/version strings/homepage vs 'source: unknown'). These inconsistencies should be clarified.
Instruction Scope
Runtime instructions and scripts operate on local task/result files, read a local .env.minimax by default, call the MiniMax LLM API with article abstracts, and invoke an external notify script to push messages. All of that is within the declared purpose, but two scope items deserve attention: (1) the code automatically loads an env file into process environment (potentially setting unrelated secrets), and (2) article abstracts (medical content) and user queries are transmitted to a third-party LLM (api.minimax.chat) — confirm that is acceptable for your data/privacy requirements.
Install Mechanism
No install spec is provided; the skill is instruction/code-only and does not download arbitrary archives or run a remote installer. This is lower risk than skills that fetch remote binaries. The package contains only Python and shell scripts that will be run locally.
Credentials
The only sensitive credential required is MINIMAX_API_KEY (used to call the MiniMax LLM) and that is proportional to the LLM summarization functionality. Other configurable items (MINIMAX_API_URL, MINIMAX_MODEL, NOTIFY_PATH, MINIMAX_ENV_FILE) are reasonable. However, the package will (by default) load and export all variables from a .env.minimax file into os.environ — this can unintentionally expose or override unrelated environment variables and may cause unintentional leakage if that file contains other secrets. Also the registry-level metadata incorrectly reported no required env vars, which is misleading.
Persistence & Privilege
The skill does not request 'always: true', does not require root, and confines writes to its own task/result directories. It creates/modifies local files (tasks queue, results, followup state) which is expected for a queue/processor. It does open a lock file for dispatching; nothing indicates system-wide persistence or modification beyond the skill directory.
What to consider before installing
This skill appears to implement the advertised PubMed search + AI summarization pipeline, but please check these before installing:

  1. Metadata mismatch: the registry header claims no required env vars, but SKILL.md and skill.json require MINIMAX_API_KEY (sensitive). Confirm which is authoritative before supplying secrets.
  2. Secrets handling: the code automatically loads a .env.minimax file into environment variables. Ensure that file only contains the MiniMax API key (and nothing else you don't want imported or uploaded) and that its filesystem permissions are restricted.
  3. Data exfiltration / privacy: article abstracts and user queries are sent to api.minimax.chat for LLM summarization. If abstracts include any sensitive or patient-identifiable information, do NOT send them to an external LLM without approval.
  4. Notify script trust: the skill invokes an external notify binary/script (NOTIFY_PATH). Verify that notify is a trusted program (path is not user-controlled by untrusted actors) because the skill will call it with generated content.
  5. Automation risk: scheduled usage (cron) and the task_dispatcher will automatically run the scripts and call external services. If you plan to deploy, run it in an isolated environment and test with non-sensitive data first.
  6. Confirm provenance: the top-of-package source/homepage entries are inconsistent (some places say unknown, skill.json references a GitHub repo). If provenance matters, validate the upstream repository and author before trusting the code.

If you proceed, review .env.minimax contents, validate the notify executable, and run the package in a controlled environment. If you want, I can point to specific lines that load the env file, call the LLM, and invoke notify so you can audit them more closely.


93 downloads · 0 stars · 2 versions · Updated 2w ago · v1.0.1 · MIT-0

PubMed Review Skill

Skill description

When a user sends a PubMed-related search request in Feishu, this skill automatically performs:

  1. Intent recognition (pubmed_review vs other)
  2. Search-term extraction + normalization + OR/AND expansion
  3. PubMed E-utilities literature search
  4. AI review generation (brief + full)
  5. Push of the brief to Feishu
  6. Local storage of the full review
  7. Follow-up answering (based on PMID context)

Required environment variables

Variable           Required  Description
MINIMAX_API_KEY    yes       MiniMax API key
MINIMAX_API_URL    no        Defaults to https://api.minimax.chat/v1/text/chatcompletion_v2
MINIMAX_MODEL      no        Defaults to MiniMax-M2.7-highspeed
NOTIFY_PATH        no        Path to the Feishu notify script; defaults to the result of which notify
MINIMAX_ENV_FILE   no        Path to the environment-variable file; defaults to ./.env.minimax
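The scan results above note that the skill exports every variable found in .env.minimax into the process environment. As an added example (not code from this skill), the loader below imports only the variables listed in this table, never overrides a value already present in the environment, and refuses an env file that is readable by group or others; the sample file contents are constructed.

```python
import os
from pathlib import Path

# Only the variables this skill documents may be imported from the env file.
ALLOWED_KEYS = {"MINIMAX_API_KEY", "MINIMAX_API_URL", "MINIMAX_MODEL", "NOTIFY_PATH"}

# Constructed sample of a .env.minimax that carries more than it should.
SAMPLE_ENV = """\
# MiniMax credentials
MINIMAX_API_KEY="sk-example-not-a-real-key"
MINIMAX_MODEL=MiniMax-M2.7-highspeed
AWS_SECRET_ACCESS_KEY=should-never-be-imported
PATH=/tmp/override:/usr/bin
"""

def parse_env_file(text: str) -> dict:
    """Parse KEY=VALUE lines; blanks, comments and lines without '=' are ignored."""
    values = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]  # strip matching surrounding quotes
        values[key] = value
    return values

def import_env(values: dict, environ: dict) -> dict:
    """Copy allowlisted keys into environ without overriding existing entries.
    Returns {key: reason} for every key that was refused, so it can be logged."""
    skipped = {}
    for key, value in values.items():
        if key not in ALLOWED_KEYS:
            skipped[key] = "not an allowlisted key"
        elif key in environ:
            skipped[key] = "already set; not overridden"
        else:
            environ[key] = value
    return skipped

def load_env_file(path: str = "./.env.minimax", environ: dict = None) -> dict:
    """Read the env file into os.environ (or the given dict) under the policy above.
    A group- or world-accessible file is refused because it holds an API key."""
    p = Path(path)
    if p.stat().st_mode & 0o077:  # any group/other permission bit set
        raise PermissionError(f"{path} is group/world accessible; chmod 600 it first")
    target = os.environ if environ is None else environ
    return import_env(parse_env_file(p.read_text(encoding="utf-8")), target)
```

The returned dict of skipped keys is what you would log: it shows exactly which entries in the file tried to set something the skill has no business setting.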

Invocation

Via OpenClaw Feishu (recommended)

A user sends a natural-language message to OpenClaw in Feishu; the system automatically triggers pubmed_intent_handler.py.

Direct command line

# Create a task
python3 scripts/add_pubmed_task.py "瘢痕激光" [max_articles]

# Trigger the search (via the dispatcher)
python3 scripts/task_dispatcher.py

# Run the search directly
python3 scripts/run_pubmed_review.py <task_id>

# Generate the review
bash scripts/run_pubmed_summary.sh <articles_json> <task_id>

# Answer a follow-up
python3 scripts/pubmed_followup_handler.py "<user follow-up>"

Task queue

Tasks are stored in tasks/ablesci_tasks.json (pubmed_review tasks share this queue).

Field specification:

{
  "id": "pubmed_<timestamp>_<random>",
  "type": "pubmed_review",
  "status": "pending|running|completed|failed",
  "created_at": "2026-04-10 12:00:00",
  "payload": {
    "topic": "瘢痕激光",
    "max_articles": 10,
    "search_term": "(scar OR keloid...) AND (laser...) AND last 5 years[dp] AND review[pt]"
  }
}

Output structure

Feishu notification (brief)

📋 PubMed literature review complete

Topic: acne isotretinoin
Abstracts extracted: 10
Review file: ./results/pubmed/pubmed_xxx_summary.md

[brief body, about 200 characters, shown over multiple lines]

Local file (full)

Path: results/pubmed/{task_id}_summary.md

Format: Markdown, containing the full review text + reference list

Follow-up reply

📖 Review follow-up reply

[LLM answer, including PMIDs and article titles]

Search-expression expansion rules

OR expansion (synonym groups)

Term                  Expansion
scar                  (scar OR keloid OR hypertrophic scar)
laser                 (laser OR fractional laser OR pulsed dye laser OR PDL OR CO2 laser)
infantile hemangioma  (infantile hemangioma OR hemangioma)

Qualifier stacking priority

  • Time: last 5 years > last 10 years (mutually exclusive; the highest priority wins)
  • Publication type: systematic review > meta-analysis > review (mutually exclusive)
  • Population: skipped when both children and adults appear (no filter added)
  • Study type: randomized controlled trial > clinical study (used only when no other filter applies)
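As an added example (not the skill's own code), this builds the search_term shown in the task-queue JSON from the OR-expansion table and the qualifier priorities above. The qualifier tags (last5y, rct, ...) and every PubMed filter string other than last 5 years[dp] and review[pt] are assumed for illustration.

```python
# Synonym groups from the OR-expansion table; topics not listed are used verbatim.
SYNONYMS = {
    "scar": ["scar", "keloid", "hypertrophic scar"],
    "laser": ["laser", "fractional laser", "pulsed dye laser", "PDL", "CO2 laser"],
    "infantile hemangioma": ["infantile hemangioma", "hemangioma"],
}

# Each qualifier group is listed highest priority first. The filter strings are
# assumed for this example; only "last 5 years[dp]" and "review[pt]" appear in
# the skill's own documentation.
TIME = [("last5y", "last 5 years[dp]"), ("last10y", "last 10 years[dp]")]
PUBTYPE = [("systematic_review", "systematic review[pt]"),
           ("meta_analysis", "meta-analysis[pt]"), ("review", "review[pt]")]
POPULATION = [("children", "child[mh]"), ("adults", "adult[mh]")]
STUDYTYPE = [("rct", "randomized controlled trial[pt]"),
             ("clinical", "clinical study[pt]")]

def expand_topic(topic: str) -> str:
    terms = SYNONYMS.get(topic.lower(), [topic])
    return "(" + " OR ".join(terms) + ")"

def pick_highest(group, tags):
    """Return the filter for the highest-priority tag present in tags, or None."""
    for tag, clause in group:
        if tag in tags:
            return clause
    return None

def select_filters(tags: set) -> list:
    filters = []
    for group in (TIME, PUBTYPE):          # mutually exclusive: keep the top one only
        clause = pick_highest(group, tags)
        if clause:
            filters.append(clause)
    pop_tags = [t for t, _ in POPULATION if t in tags]
    if len(pop_tags) == 1:                 # children AND adults together -> no filter
        filters.append(pick_highest(POPULATION, tags))
    if not filters:                        # study type only when nothing else applies
        clause = pick_highest(STUDYTYPE, tags)
        if clause:
            filters.append(clause)
    return filters

def build_search_term(topics: list, tags: set = frozenset()) -> str:
    parts = [expand_topic(t) for t in topics] + select_filters(tags)
    return " AND ".join(parts)
```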

Follow-up context binding

Priority (4-layer fallback):

  1. The message explicitly contains task_id: pubmed_xxx → exact binding
  2. A review task is currently being actively tracked → reuse it
  3. Match the most recently completed task by keyword → fuzzy match
  4. No match at all → append a prompt asking the user to provide the task_id
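The four-layer fallback as an added example that is not the skill's own code. The task-queue entries and follow-up messages are constructed, and the keyword rule (any topic word of three or more characters occurring in the message) is an assumption.

```python
import re
from datetime import datetime

# Constructed sample of the pubmed_review entries in tasks/ablesci_tasks.json.
TASKS = [
    {"id": "pubmed_1712000000_ab12", "status": "completed",
     "created_at": "2026-04-10 12:00:00", "payload": {"topic": "瘢痕激光"}},
    {"id": "pubmed_1712100000_cd34", "status": "completed",
     "created_at": "2026-04-11 09:30:00", "payload": {"topic": "acne isotretinoin"}},
    {"id": "pubmed_1712200000_ef56", "status": "running",
     "created_at": "2026-04-12 08:00:00", "payload": {"topic": "infantile hemangioma laser"}},
]

TASK_ID_RE = re.compile(r"task_id:\s*(pubmed_\w+)")

def resolve_followup_task(message, tasks, active_task_id=None):
    """Return (task_id, layer) per the 4-layer fallback, or (None, "ask_for_task_id")."""
    known = {t["id"]: t for t in tasks}
    # Layer 1: explicit task_id in the message -> exact binding (the id must exist in the queue).
    m = TASK_ID_RE.search(message)
    if m and m.group(1) in known:
        return m.group(1), "explicit"
    # Layer 2: a review task is currently being tracked -> reuse it.
    if active_task_id in known:
        return active_task_id, "active"
    # Layer 3: keyword overlap with the most recently completed task -> fuzzy match.
    text = message.lower()
    completed = sorted((t for t in tasks if t["status"] == "completed"),
                       key=lambda t: datetime.strptime(t["created_at"], "%Y-%m-%d %H:%M:%S"),
                       reverse=True)
    for t in completed:
        topic_words = [w.lower() for w in t["payload"]["topic"].split() if len(w) > 2]
        if any(w in text for w in topic_words):
            return t["id"], "fuzzy"
    # Layer 4: nothing matched -> the caller appends a prompt asking for the task_id.
    return None, "ask_for_task_id"
```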

Error handling

Error type               Handling
MiniMax API failure      Fall back to a structured summary built from the abstract fields in articles.json
PubMed search failure    Mark the task failed and send a Feishu notification
Cookie expired           Pause monitoring and send a Feishu alert
LLM JSON parse failure   Normalize newline characters and retry automatically

Release information

  • Version: v2.2.7-beta
  • Dependencies: Python 3.8+, PubMed E-utilities (free), MiniMax API
  • License: MIT
