Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

virtual-cell-reasoner

v0.0.1

Consult a virtual cell language model on single-cell tasks — cell generation, cell understanding, cell perturbation, and biology Q&A using cell token sequences.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to consult a virtual cell LLM and includes a Python client that POSTs prompts to a chat endpoint, which is consistent with the stated purpose. However, the default SERVER_URL is a personal/ephemeral ngrok domain with no homepage or owner contact, and the package does not declare the Python 'requests' dependency in metadata. The origin and trustworthiness of the service are unclear.
Instruction Scope
SKILL.md instructs the user/agent to run call_api.py which will transmit whatever prompt is provided to the remote /chat endpoint. That means any input (including sensitive biological data or credentials accidentally pasted) will be sent to the external server. The instructions do not limit or warn about this data transfer, and the default server is an off-platform ngrok URL, increasing exfiltration risk.
Install Mechanism
There is no install spec (instruction-only plus a single included Python client). No archives or third-party install URLs are used, which lowers install-time risk. Note: runtime requires the 'requests' Python package but that is not listed in the skill metadata.
Credentials
The skill does not request any environment variables, credentials, or config paths, which is proportionate for an LLM client. However, because the client posts data to a hardcoded external endpoint, the absence of declared credentials does not eliminate the risk that sensitive input could be exfiltrated to an untrusted service.
Persistence & Privilege
The skill does not request persistent privileges, does not set always:true, and does not modify system or other skill configs. It only contains a client script and runtime instructions.
What to consider before installing
This skill will send any prompt you give it to a hardcoded external server hosted on an ngrok domain. Before installing or using it, consider:
1) Do not send sensitive or proprietary biological data or any credentials to this skill.
2) Ask the publisher for the service's provenance, privacy policy, and a stable, official endpoint (ngrok defaults are often personal/ephemeral).
3) If you need this functionality, prefer a skill that points to a verified, documented server or run your own trusted service and pass its URL via --url.
4) Ensure your runtime has the Python 'requests' package installed.
5) If you must test it, run it in an isolated environment and monitor network traffic to the endpoint.
If you cannot obtain trustworthy information about the remote service, avoid using the skill with real or sensitive data.

Like a lobster shell, security has layers — review code before you run it.

latest: vk97e8bwgp0etmzzc19sgg0a7dd83rcd2

Runtime requirements

🧬 Clawdis
Bins: python