Trusted — Risk Score 5/100
Last scan: 22 hr ago
neurico
Autonomous AI research framework that takes structured research ideas (YAML) and orchestrates AI agents to design, execute, analyze, and document scientific experiments, producing code, results, plots, LaTeX papers, and GitHub repositories.
NeuriCo is a legitimate autonomous research framework from University of Chicago (ChicagoHAI). SKILL.md is pure documentation; no executable code is bundled. The documented `curl | sh` command is a user-invoked install step for a known-safe tool (uv package manager), not hidden skill execution.
Skill Name: neurico
Duration: 30.0s
Engine: pi
Safe to install
This skill is safe to use. No code is executed by the skill itself; it only documents a workflow. Users who run the documented install command should do so intentionally, and preferably download the installer script to a file and read it before executing it rather than piping it straight from the network into `sh`. No action required.
Resource     | Declared | Inferred | Status | Evidence
Filesystem   | NONE     | NONE     |        | No Read/Write calls. SKILL.md describes output workspace structure but the skill…
Network      | NONE     | NONE     |        | No WebFetch/network calls in the skill. External URLs appear only as documentati…
Shell        | NONE     | NONE     |        | No Bash tool invocation. `curl | sh` is user-invoked documentation, not a hidden…
Environment  | NONE     | NONE     |        | No environment variable access by the skill. API key env vars are user-configure…
Skill Invoke | NONE     | NONE     |        | No cross-skill invocations documented.
Clipboard    | NONE     | NONE     |        | No clipboard access.
Browser      | NONE     | NONE     |        | No browser automation.
Database     | NONE     | NONE     |        | No database access.
Findings: 5 (1 Critical, 4 Medium)

Critical: Dangerous Shell Command
  curl -LsSf https://astral.sh/uv/install.sh | sh
  SKILL.md:105

Medium: External URL
  https://astral.sh/uv
  SKILL.md:47

Medium: External URL
  https://docs.anthropic.com/en/docs/claude-code
  SKILL.md:53

Medium: External URL
  https://astral.sh/uv/install.sh
  SKILL.md:105

Medium: External URL
  https://hypogenic.ai/ideahub
  SKILL.md:119
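The two static checks behind the findings above (a fetch-and-pipe-to-interpreter pattern rated Critical, every external URL rated Medium, each tied to the SKILL.md line it sits on) plus the "Declared" tool check from the resource table, re-created over a constructed SKILL.md. This is an added example; it is not the scanner's code and not part of the neurico project. The regexes, the assumption that a skill declares its tools under an `allowed-tools:` frontmatter key, and the sample document are all this example's own.

```python
"""Re-create the scan report's static checks over a SKILL.md text (added example).

(1) flag "fetch something and pipe it straight into an interpreter" as Critical,
(2) record every external URL as Medium, both with 1-based line numbers,
(3) read `allowed-tools:` from the YAML frontmatter (assumed here to be where a
    skill declares its tools) to fill the report's "Declared" column.
"""
import re
from collections import Counter
from dataclasses import dataclass

# curl/wget ... | [sudo] sh|bash|zsh|python|perl : whatever is fetched runs unseen
PIPE_TO_SHELL = re.compile(
    r"\b(curl|wget)\b[^|\n]*\|\s*(sudo\s+)?(sh|bash|zsh|python3?|perl)\b"
)
# http(s) URLs, terminated by whitespace or common markdown/quote delimiters
URL = re.compile(r"https?://[^\s)>\]'\"`]+")


@dataclass(frozen=True)
class Finding:
    severity: str   # "Critical" or "Medium", as in the report
    category: str
    evidence: str
    line: int       # 1-based line in SKILL.md, matching the report's "SKILL.md:NNN"


def declared_tools(text: str) -> list[str]:
    """Tools listed under `allowed-tools:` in the YAML frontmatter; [] if none."""
    lines = text.splitlines()
    if not lines or lines[0].strip() != "---":
        return []
    for line in lines[1:]:
        if line.strip() == "---":
            break
        key, sep, value = line.partition(":")
        if sep and key.strip() == "allowed-tools":
            return [t for t in re.split(r"[,\s]+", value.strip()) if t]
    return []


def scan_skill_md(text: str) -> list[Finding]:
    """Walk the document line by line and emit findings in document order."""
    findings: list[Finding] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = PIPE_TO_SHELL.search(line)
        if m:
            findings.append(Finding("Critical", "Dangerous Shell Command",
                                    m.group(0).strip(), lineno))
        for url in URL.findall(line):
            findings.append(Finding("Medium", "External URL",
                                    url.rstrip(".,;"), lineno))
    return findings


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Counts per severity, e.g. {'Critical': 1, 'Medium': 3}."""
    return dict(Counter(f.severity for f in findings))


# Constructed sample SKILL.md (not the real neurico file); line numbers are deliberate.
SAMPLE_SKILL_MD = "\n".join([
    "---",                                                        # 1
    "name: example-skill",                                        # 2
    "description: constructed sample for the scanner example",    # 3
    "---",                                                        # 4
    "## Install",                                                 # 5
    "",                                                           # 6
    "Install uv from https://astral.sh/uv (see the docs).",       # 7
    "",                                                           # 8
    "    curl -LsSf https://astral.sh/uv/install.sh | sh",        # 9
    "",                                                           # 10
    "Then read https://docs.anthropic.com/en/docs/claude-code for tool setup.",  # 11
])

if __name__ == "__main__":
    print("Declared tools:", declared_tools(SAMPLE_SKILL_MD) or "NONE")
    for f in scan_skill_md(SAMPLE_SKILL_MD):
        print(f"{f.severity:8} {f.category:24} {f.evidence}  SKILL.md:{f.line}")
    print(summarize(scan_skill_md(SAMPLE_SKILL_MD)))
```

On the sample the installer line yields both a Critical and a Medium finding at the same line number, which is exactly the pairing the report shows for SKILL.md:105; a scanner that only reported the Critical would hide the fact that the command's payload also comes from an external host.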

File Tree

2 files · 9.6 KB · 247 lines (Markdown: 1 file, 197 lines; JSON: 1 file, 50 lines)
├─ clawhub.json  JSON      50L  · 2.1 KB
└─ SKILL.md      Markdown  197L · 7.5 KB

Security Positives

✓ SKILL.md is pure documentation with zero executable code — no embedded scripts, binaries, or payloads
✓ No Bash, Read, Write, or WebFetch calls — skill declares no allowed tools, consistent with documentation-only nature
✓ Comprehensive security section explicitly addressing env var filtering, Docker isolation, and no secret exfiltration
✓ Open-source project from University of Chicago (ChicagoHAI) with auditable GitHub repository and Dockerfile
✓ API keys stay local and are filtered from subprocess calls per documented security practices
✓ Experiments run inside Docker containers for host isolation
✓ Apache 2.0 license with transparent authorship (Haokun Liu, Chenhao Tan)
✓ The `curl | sh` command is a user-facing installation step, not hidden skill execution — it is expected and documented for the uv package manager