Is kaichop/phenoskill safe?

https://github.com/openclaw/skills/tree/main/skills/kaichop/phenoskill

Overall score: 80/100 · SAFE

This skill provides legitimate medical phenotype extraction functionality but introduces supply chain risks by downloading and executing external Python code from GitHub. While the stated purpose is valid and includes privacy safeguards, the reliance on external dependencies creates potential attack vectors.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 70/100 · 25%
Code Execution 60/100 · 20%
Clone Behavior 90/100 · 10%
Canary Integrity 95/100 · 10%
Behavioral Reasoning 75/100 · 5%

Findings (5)

HIGH Downloads and executes external code -25

The skill downloads PhenoSnap from GitHub and executes arbitrary Python code. This creates a supply chain attack vector if the external repository is compromised.

MEDIUM Installs arbitrary Python packages -15

The skill runs 'pip install -r requirements.txt' which installs dependencies from PyPI without verification, creating additional supply chain risks.

MEDIUM Network dependencies despite local-only claims -20

While claiming to be local-only, the skill requires network access to download PhenoSnap and get-pip.py during setup.

LOW Processes sensitive medical data -10

The skill processes potentially sensitive clinical phenotype and medication information, though it includes redaction safeguards.

INFO Legitimate medical research purpose 0

The skill serves a valid use case for medical phenotype extraction and includes appropriate privacy protections.