ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

CDISC Library API Skill

v1.0.0

CDISC Library API Skill - 查询临床数据标准(QRS 量表、ADaM、CDASH、SDTM、受控术语)

0· 322·1 current·1 all-time
byAYAN@whereayan

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for whereayan/cdisc-library-api.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "CDISC Library API Skill" (whereayan/cdisc-library-api) from ClawHub.
Skill page: https://clawhub.ai/whereayan/cdisc-library-api
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install whereayan/cdisc-library-api

ClawHub CLI

Package manager switcher

npx clawhub@latest install cdisc-library-api
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The skill's name/description and included code consistently implement a CDISC Library API client and expose the CLI commands advertised. However the registry metadata declares no required environment variables or dependencies while the code and SKILL.md clearly require an API key (CDISC_API_KEY or a value in TOOLS.md) and the requests Python package. This mismatch between declared requirements and actual needs is incoherent and should be corrected.
Instruction Scope
SKILL.md and the code limit runtime actions to calling https://api.library.cdisc.org, caching responses, and reading an API key. The cdisc_client explicitly attempts to read TOOLS.md (three levels above the file) to find an API key and will fail if no key is found. The skill also creates and writes cache files under its own .cache directory. These behaviors are plausible for the claimed purpose but reading a repo-level TOOLS.md is a broader file access than many users expect.
!
Install Mechanism
There is no install spec even though the Python code requires the external 'requests' library (the client prints an error and exits if requests is missing). The package ships code files (not just instructions) but the registry metadata did not declare dependencies. That omission is inconsistent and increases installation risk (silent runtime failures or unexpected user prompts to install packages).
!
Credentials
The only credential the code needs is a CDISC API key (expected for this integration). However the registry did not declare CDISC_API_KEY as required. The client will attempt to read TOOLS.md for an API key, which means it may parse repository files outside the skill directory — this could inadvertently read other content if TOOLS.md contains other secrets. No other unrelated credentials are requested.
Persistence & Privilege
The skill does not request 'always' or elevated privileges. It writes cache files into its own 'skills/cdisc/.cache/' directory (normal for caching). It does not modify other skills or global agent configuration. Autonomous invocation is enabled (platform default) but is not combined with unusual privileges here.
What to consider before installing
This skill appears to implement a legitimate CDISC Library API client, but the manifest metadata is incomplete. Before installing: 1) Expect to provide a CDISC API key (CDISC_API_KEY) — the code will fail without it; the SKILL metadata should declare this but currently does not. 2) Ensure the Python 'requests' library is available (the package has no install script). 3) Review any TOOLS.md at your repository root (the client will try to read it to extract an API key) and remove any sensitive data from that file. 4) Note the skill writes cache files under skills/cdisc/.cache/ — if this is a shared environment, consider where files will be stored. 5) There's a small apparent syntax/corruption in commands/cache.py (a stray backtick and malformed import/insert line) which may cause runtime errors; consider reviewing/fixing the code before use. If you cannot verify these points or cannot provide a dedicated CDISC API key, avoid installing or running the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk9723c1sxc9nq90mpe0d9ycez982g0sk
322downloads
0stars
1versions
Updated 6h ago
v1.0.0
MIT-0
AYAN@whereayan
latest
Download

CDISC Library API Skill - 临床数据标准查询

查询 CDISC Library API,获取 QRS 量表、ADaM、CDASH、SDTM、受控术语等临床数据标准。

🔐 配置

TOOLS.md 中添加 API Key:

## CDISC API

- **API Key**: `你的 API Key`

获取地址:https://api.developer.library.cdisc.org/profile

或在环境变量中设置 CDISC_API_KEY

📋 命令

基础查询

命令说明示例
/cdisc-library-api products列出所有产品类别/cdisc-library-api products
/cdisc-library-api qrs <code> [version]查询 QRS 量表/cdisc-library-api qrs AIMS01
/cdisc-library-api items <code> <version>查询量表项目列表/cdisc-library-api items AIMS01 2-0
/cdisc-library-api adam <product> [ds]查询 ADaM 产品/数据结构/cdisc-library-api adam adam-2-1
/cdisc-library-api sdtm <version> [domain]查询 SDTM 实施指南/cdisc-library-api sdtm 3-4 DM
/cdisc-library-api cdash <version> [domain]查询 CDASH 标准/cdisc-library-api cdash 1-0 DM
/cdisc-library-api ct <codelist>查询受控术语代码表/cdisc-library-api ct C102111
/cdisc-library-api ct-packages查询术语包列表/cdisc-library-api ct-packages

高级查询

命令说明示例
/cdisc-library-api root <type>查询版本无关根资源/cdisc-library-api root qrs
/cdisc-library-api docs [category]查询 CDISC 文档/cdisc-library-api docs
/cdisc-library-api rules [product]查询 CDISC 规则/cdisc-library-api rules adam
/cdisc-library-api search <keyword>搜索变量/域/量表/cdisc-library-api search USUBJID
/cdisc-library-api compare <type> <id> <v1> <v2>版本比较/cdisc-library-api compare qrs AIMS01 1-0 2-0

工具命令

命令说明示例
/cdisc-library-api export <type> <id> [v]导出数据为 JSON/CSV/cdisc-library-api export items AIMS01 2-0 --format=csv
/cdisc-library-api batch <file>批量查询/cdisc-library-api batch queries.txt
/cdisc-library-api cache clear清除缓存/cdisc-library-api cache clear

📦 文件结构

skills/cdisc/
├── SKILL.md                  # 本文件
├── README.md                 # 快速开始指南
├── cdisc_client.py           # API 客户端封装
├── commands/
│   ├── products.py           # 产品列表
│   ├── qrs.py                # QRS 量表查询
│   ├── items.py              # 量表项目查询
│   ├── adam.py               # ADaM 查询
│   ├── sdtm.py               # SDTM 查询
│   ├── cdash.py              # CDASH 查询
│   ├── ct.py                 # 受控术语查询
│   ├── ct_packages.py        # 术语包列表
│   ├── root.py               # 根资源查询
│   ├── docs.py               # 文档查询
│   ├── rules.py              # 规则查询
│   ├── search.py             # 搜索
│   ├── compare.py            # 版本比较
│   ├── export.py             # 导出功能
│   └── batch.py              # 批量查询
└── assets/
    └── quickref.md           # 速查表

🔧 使用示例

查询量表详情

/cdisc-library-api qrs AIMS01

输出:

  • 量表名称、类型、注册状态
  • 最新版本号
  • 项目数量
  • 前 5 个项目预览

查询量表完整项目

/cdisc-library-api items AIMS01 2-0

输出所有项目列表(序号、代码、标签)。

查询 ADaM 数据结构

/cdisc-library-api adam adam-2-1 ADSL

输出 ADSL 数据结构的所有变量集。

查询 SDTM 域变量

/cdisc-library-api sdtm 3-4 DM

输出 DM 域的所有变量,按角色分组(标识符、时间戳、记录标识等)。

查询受控术语

/cdisc-library-api ct C102111

输出代码列表详情和前 20 个术语。

搜索

/cdisc-library-api search USUBJID

跨所有产品类别搜索匹配项。

版本比较

/cdisc-library-api compare qrs AIMS01 1-0 2-0

输出两个版本之间的新增、删除、修改项。

导出为 CSV

/cdisc-library-api export items AIMS01 2-0 --format=csv

导出量表项目到 CSV 文件。

批量查询

创建 queries.txt:

qrs AIMS01
qrs CGI01 1-0
items AIMS01 2-0
adam adam-2-1
ct C102111

执行:

/cdisc-library-api batch queries.txt

⚠️ 注意事项

  1. 速率限制:自动添加 100ms 请求间隔
  2. 缓存:查询结果缓存 1 小时,位于 skills/cdisc/.cache/
  3. 错误处理
    • 401:检查 API Key 是否正确
    • 404:检查参数格式(版本号应为 x-y 格式)
    • 429:请求过于频繁,已自动限流
  4. 版本号格式:使用 x-y 格式(如 2-0),不是 x.y

🔗 相关资源

Skill 版本:1.0 | 基于 CDISC Library API v1 | 覆盖 9 大类 350+ 端点

Comments

Loading comments...