yu
AdvisoryAudited by Static analysis on May 6, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteHigh Confidence
ASI07: Insecure Inter-Agent CommunicationWhat this means
Reference titles, authors, DOIs, and possibly related manuscript context may be used in external database lookups.
Why it was flagged
The skill explicitly relies on external scholarly databases for verification, which is expected for its purpose but creates a third-party data flow for reference metadata.
Skill content
无DOI时并行调用 CrossRef + Semantic Scholar + OpenAlex。
Recommendation
Use it for normal bibliography checking, but avoid submitting confidential or unpublished manuscript details unless you are comfortable with external lookup services receiving related query metadata.