Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

pubmed2blog

v1.0.0

Convert PubMed research papers into SEO-optimized, patient-friendly healthcare blog articles using a streamlined discover-extract-generate pipeline.

by Holic (@holic101)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, and CLI commands (discover/extract/generate/pipeline) align with the stated purpose of turning PubMed papers into blog articles. However, the SKILL.md advertises an 'init' step for API keys and states that it 'Supports Anthropic, OpenAI, and Z.AI providers', while the registry metadata declares no required credentials or primaryEnv; that discrepancy is unexplained.
Instruction Scope
Instructions are narrowly scoped to running the pubmed2blog CLI and optionally scheduling it via cron. They do not instruct reading unrelated system files or exfiltrating data. The only scope creep is the interactive 'init' setup (which implies collecting and storing API keys) and the recommendation to 'schedule via cron', which could imply system modification if followed; the SKILL.md does not show where credentials and preferences are stored or which providers the API keys are for.
Install Mechanism
Installation is an npm global install (npm install -g pubmed2blog). That is a public-registry install with install-time code execution risk (postinstall scripts), and it comes from an unknown source (no homepage or repository URL provided). An instruction-only skill combined with a global npm install is moderate risk without provenance or package review.
Credentials
The SKILL.md implies use of API keys and support for multiple LLM providers, but the skill metadata lists no required env vars or primary credential. This mismatch means the skill may prompt the user for secrets at init, or expect them to be provided at runtime, without declaring them up-front, which is a transparency issue and a potential risk.
Persistence & Privilege
The skill does not request permanent inclusion (always:false) and is user-invocable. It does suggest saving generated articles and scheduling via cron, but it does not itself declare writing to system-wide config or changing other skills. No excessive privilege requested in metadata.
What to consider before installing
Before installing, verify the npm package's provenance: check the package page/registry (author, repository, recent publish history, and open-source code). Avoid global installs until you trust the package; prefer to install into a container or VM first. Ask the publisher which API keys the tool needs and where they are stored (local config file, OS keychain, or remote). Inspect the package's postinstall scripts and source code for network calls or unexpected filesystem writes. If you must use it in production, pin a known-good version, run npm audit, and consider running it with least privilege (no broad credentials present). If you want help reviewing the package's repository or package.json before running npm install -g, provide the package URL or tarball.


latest: vk9770gg5nvcxzcvhss4mmbxzxn815hsz

