Open Source License Check
Check if referenced bioinformatics software/code licenses allow commercial use (GPL vs MIT, etc.).
When to Use
- - Use this skill when the task needs Check if referenced bioinformatics software/code licenses allow commercial use (GPL vs MIT, etc.).
- Use this skill for evidence insight tasks that require explicit assumptions, bounded scope, and a reproducible output format.
- Use this skill when you need a documented fallback path for missing inputs, execution errors, or partial evidence.
Key Features
- - Scope-focused workflow aligned to: Check if referenced bioinformatics software/code licenses allow commercial use (GPL vs MIT, etc.).
- Packaged executable path(s):
scripts/main.py. - Reference material available in
references/ for task-specific guidance. - Structured execution path designed to keep outputs consistent and reviewable.
Dependencies
See ## Prerequisites above for related details.
- -
Python: 3.10+. Repository baseline for current packaged skills. - INLINECODE5�:
not explicitly version-pinned in this skill package. Add pinned versions if this skill needs stricter environment control.
Example Usage
See ## Usage above for related details.
CODEBLOCK0
Example run plan:
- 1. Confirm the user input, output path, and any required config values.
- Edit the in-file
CONFIG block or documented parameters if the script uses fixed settings. - Run
python scripts/main.py with the validated inputs. - Review the generated output and return the final artifact with any assumptions called out.
Implementation Details
See ## Workflow above for related details.
- - Execution model: validate the request, choose the packaged workflow, and produce a bounded deliverable.
- Input controls: confirm the source files, scope limits, output format, and acceptance criteria before running any script.
- Primary implementation surface:
scripts/main.py. - Reference guidance:
references/ contains supporting rules, prompts, or checklists. - Parameters to clarify first: input path, output path, scope filters, thresholds, and any domain-specific constraints.
- Output discipline: keep results reproducible, identify assumptions explicitly, and avoid undocumented side effects.
Quick Check
Use this command to verify that the packaged script entry point can be parsed before deeper execution.
CODEBLOCK1
Audit-Ready Commands
Use these concrete commands for validation. They are intentionally self-contained and avoid placeholder paths.
CODEBLOCK2
Workflow
- 1. Confirm the user objective, required inputs, and non-negotiable constraints before doing detailed work.
- Validate that the request matches the documented scope and stop early if the task would require unsupported assumptions.
- Use the packaged script path or the documented reasoning path with only the inputs that are actually available.
- Return a structured result that separates assumptions, deliverables, risks, and unresolved items.
- If execution fails or inputs are incomplete, switch to the fallback path and state exactly what blocked full completion.
Usage
CODEBLOCK3
Parameters
- -
--software: Comma-separated software names - INLINECODE14�: Check Python requirements file
- INLINECODE15�: Scan directory for license files
License Types
| License | Commercial Use | Notes |
|---|
| MIT | ✅ Yes | Permissive |
| Apache-2.0 |
✅ Yes | Permissive |
| BSD | ✅ Yes | Permissive |
| GPL-3.0 | ⚠️ Copyleft | Must open source derivative |
| GPL-2.0 | ⚠️ Copyleft | Must open source derivative |
| AGPL | ❌ No | Network use is distribution |
Output
- - License compatibility report
- Commercial use warnings
- Compliance recommendations
Risk Assessment
| Risk Indicator | Assessment | Level |
|---|
| Code Execution | Python/R scripts executed locally | Medium |
| Network Access |
No external API calls | Low |
| File System Access | Read input files, write output files | Medium |
| Instruction Tampering | Standard prompt guidelines | Low |
| Data Exposure | Output files saved to workspace | Low |
Security Checklist
- - [ ] No hardcoded credentials or API keys
- [ ] No unauthorized file system access (../)
- [ ] Output does not expose sensitive information
- [ ] Prompt injection protections in place
- [ ] Input file paths validated (no ../ traversal)
- [ ] Output directory restricted to workspace
- [ ] Script execution in sandboxed environment
- [ ] Error messages sanitized (no stack traces exposed)
- [ ] Dependencies audited
Prerequisites
No additional Python packages required.
Evaluation Criteria
Success Metrics
- - [ ] Successfully executes main functionality
- [ ] Output meets quality standards
- [ ] Handles edge cases gracefully
- [ ] Performance is acceptable
Test Cases
- 1. Basic Functionality: Standard input → Expected output
- Edge Case: Invalid input → Graceful error handling
- Performance: Large dataset → Acceptable processing time
Lifecycle Status
- - Current Stage: Draft
- Next Review Date: 2026-03-06
- Known Issues: None
- Planned Improvements:
- Performance optimization
- Additional feature support
Output Requirements
Every final response should make these items explicit when they are relevant:
- - Objective or requested deliverable
- Inputs used and assumptions introduced
- Workflow or decision path
- Core result, recommendation, or artifact
- Constraints, risks, caveats, or validation needs
- Unresolved items and next-step checks
Error Handling
- - If required inputs are missing, state exactly which fields are missing and request only the minimum additional information.
- If the task goes outside the documented scope, stop instead of guessing or silently widening the assignment.
- If
scripts/main.py fails, report the failure point, summarize what still can be completed safely, and provide a manual fallback. - Do not fabricate files, citations, data, search results, or execution outcomes.
Input Validation
This skill accepts requests that match the documented purpose of open-source-license-check and include enough context to complete the workflow safely.
Do not continue the workflow when the request is out of scope, missing a critical input, or would require unsupported assumptions. Instead respond:
INLINECODE18� only handles its documented workflow. Please provide the missing required inputs or switch to a more suitable skill.
References
Response Template
Use the following fixed structure for non-trivial requests:
- 1. Objective
- Inputs Received
- Assumptions
- Workflow
- Deliverable
- Risks and Limits
- Next Checks
If the request is simple, you may compress the structure, but still keep assumptions and limits explicit when they affect correctness.
开源许可证检查
检查引用的生物信息学软件/代码许可证是否允许商业使用(GPL与MIT等)。
使用时机
- - 当任务需要检查引用的生物信息学软件/代码许可证是否允许商业使用(GPL与MIT等)时,使用此技能。
- 用于需要明确假设、限定范围和可重复输出格式的证据洞察任务。
- 当需要针对缺失输入、执行错误或部分证据提供有文档记录的备用路径时,使用此技能。
主要特性
- - 聚焦范围的工作流程,针对:检查引用的生物信息学软件/代码许可证是否允许商业使用(GPL与MIT等)。
- 打包的可执行路径:scripts/main.py。
- references/中提供参考资料,用于任务特定指导。
- 结构化执行路径,旨在保持输出一致且可审查。
依赖项
相关详情请参见上方的## 前提条件。
- - Python:3.10+。当前打包技能的仓库基线。
- 第三方包:此技能包中未明确固定版本。如果此技能需要更严格的环境控制,请添加固定版本。
使用示例
相关详情请参见上方的## 用法。
bash
cd 20260318/scientific-skills/Evidence Insight/open-source-license-check
python -m py_compile scripts/main.py
python scripts/main.py --help
示例运行计划:
- 1. 确认用户输入、输出路径以及任何必需的配置值。
- 如果脚本使用固定设置,编辑文件内的CONFIG块或文档化参数。
- 使用验证后的输入运行python scripts/main.py。
- 审查生成的输出,并返回最终产物,同时注明任何假设。
实现细节
相关详情请参见上方的## 工作流程。
- - 执行模型:验证请求,选择打包的工作流程,并生成限定的可交付成果。
- 输入控制:在运行任何脚本前,确认源文件、范围限制、输出格式和验收标准。
- 主要实现界面:scripts/main.py。
- 参考指南:references/包含支持性规则、提示或检查清单。
- 需首先明确的参数:输入路径、输出路径、范围过滤器、阈值以及任何领域特定约束。
- 输出规范:保持结果可重复,明确标识假设,避免未文档化的副作用。
快速检查
在深入执行前,使用此命令验证打包脚本入口点是否可解析。
bash
python -m py_compile scripts/main.py
审计就绪命令
使用这些具体命令进行验证。它们特意设计为自包含,避免使用占位符路径。
bash
python -m py_compile scripts/main.py
python scripts/main.py --help
工作流程
- 1. 在进行详细工作前,确认用户目标、必需输入和不可协商的约束条件。
- 验证请求是否与文档化范围匹配,如果任务需要不受支持的假设,则尽早停止。
- 仅使用实际可用的输入,运行打包脚本路径或文档化的推理路径。
- 返回结构化结果,区分假设、可交付成果、风险和未解决项。
- 如果执行失败或输入不完整,切换到备用路径,并明确说明阻止完全完成的原因。
用法
text
python scripts/main.py --software samtools,bwa,bedtools
python scripts/main.py --check-requirements requirements.txt
参数
- - --software:逗号分隔的软件名称
- --check-requirements:检查Python需求文件
- --check-directory:扫描目录以查找许可证文件
许可证类型
| 许可证 | 商业使用 | 备注 |
|---|
| MIT | ✅ 是 | 宽松许可 |
| Apache-2.0 |
✅ 是 | 宽松许可 |
| BSD | ✅ 是 | 宽松许可 |
| GPL-3.0 | ⚠️ 版权左派 | 必须开源衍生作品 |
| GPL-2.0 | ⚠️ 版权左派 | 必须开源衍生作品 |
| AGPL | ❌ 否 | 网络使用视为分发 |
输出
风险评估
| 风险指标 | 评估 | 等级 |
|---|
| 代码执行 | Python/R脚本在本地执行 | 中 |
| 网络访问 |
无外部API调用 | 低 |
| 文件系统访问 | 读取输入文件,写入输出文件 | 中 |
| 指令篡改 | 标准提示指南 | 低 |
| 数据暴露 | 输出文件保存到工作区 | 低 |
安全检查清单
- - [ ] 无硬编码凭据或API密钥
- [ ] 无未经授权的文件系统访问(../)
- [ ] 输出不暴露敏感信息
- [ ] 已实施提示注入保护
- [ ] 输入文件路径已验证(无../遍历)
- [ ] 输出目录限制在工作区内
- [ ] 脚本在沙盒环境中执行
- [ ] 错误消息已清理(不暴露堆栈跟踪)
- [ ] 依赖项已审计
前提条件
无需额外的Python包。
评估标准
成功指标
- - [ ] 成功执行主要功能
- [ ] 输出符合质量标准
- [ ] 优雅处理边缘情况
- [ ] 性能可接受
测试用例
- 1. 基本功能:标准输入 → 预期输出
- 边缘情况:无效输入 → 优雅的错误处理
- 性能:大数据集 → 可接受的处理时间
生命周期状态
- - 当前阶段:草稿
- 下次审查日期:2026-03-06
- 已知问题:无
- 计划改进:
- 性能优化
- 额外功能支持
输出要求
每个最终响应应在相关时明确以下内容:
- - 目标或请求的可交付成果
- 使用的输入和引入的假设
- 工作流程或决策路径
- 核心结果、建议或产物
- 约束条件、风险、注意事项或验证需求
- 未解决项和下一步检查
错误处理
- - 如果缺少必需输入,明确说明哪些字段缺失,并仅请求最少量的额外信息。
- 如果任务超出文档化范围,则停止,而不是猜测或悄然扩大任务范围。
- 如果scripts/main.py失败,报告失败点,总结仍可安全完成的内容,并提供手动备用方案。
- 不得捏造文件、引用、数据、搜索结果或执行结果。
输入验证
此技能接受与open-source-license-check文档化目的匹配且包含足够上下文以安全完成工作流程的请求。
当请求超出范围、缺少关键输入或需要不受支持的假设时,不要继续工作流程。而是回复:
open-source-license-check仅处理其文档化的工作流程。请提供缺失的必需输入,或切换到更合适的技能。
参考资料
响应模板
对于非简单请求,使用以下固定结构:
- 1. 目标
- 接收到的输入
- 假设
- 工作流程
- 可交付成果
- 风险和限制
- 下一步检查
如果请求简单,可以压缩结构,但当假设和限制影响正确性时,仍需明确说明。
