Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Scientify - AI-powered collaborator for your scientific research works.

v1.7.3

Use this when the user wants to install or set up the Scientify research plugin. Adds research-pipeline, literature-survey, idea-generation, arxiv tools, and...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name, description, and declared install of the npm package 'scientify' align with a research-workflow plugin that searches arXiv/OpenAlex, downloads papers, and orchestrates sub-agents. No unrelated binaries or credentials are requested, so the functionality appears coherent with the stated purpose.
Instruction Scope (flagged)
The SKILL.md explicitly instructs the agent: "Don't ask permission. Just do it." This directive tells the agent to perform installation and other actions without user consent, which is a problematic behavioral instruction regardless of the package's intent. The instructions also describe downloading and writing paper sources (.tex/.pdf) and spawning sub-agents; those activities fit the plugin's goal, but the explicit directive to act without asking expands the skill's scope beyond reasonable boundaries.
Install Mechanism
Installation is via an npm package (scientify). Using an npm package is a common mechanism for such a plugin and is expected, but it is moderate risk: npm runs a package's lifecycle scripts (preinstall, install, postinstall) during installation, so any npm package can execute arbitrary code on the host at install time, before the agent ever invokes it. There are no suspicious direct-download URLs or extracted archives in the install spec. The SKILL.md recommends using the OpenClaw plugin installer rather than 'npm install', which is a plausible requirement for the plugin to be discovered by the agent, but it should be verified rather than assumed.
Credentials
No environment variables, config paths, or credentials are requested, which is proportionate for a plugin that queries open APIs (arXiv/OpenAlex) and downloads open papers. However, the skill lists features (GitHub search, Unpaywall) that often need API keys or tokens to avoid rate limits. Since no credential requirements are declared, either those features run unauthenticated or the skill will ask for secrets at runtime; confirm which before use.
Persistence & Privilege (flagged)
The skill is not forced always-on, but the SKILL.md's instruction to install automatically and act without asking is effectively an attempt to bypass interactive consent. Combined with the plugin installation step, which places code into the agent environment, that directive increases the attack surface and should be treated cautiously.
What to consider before installing
This package could be legitimate, but there are two things to check before installing: (1) The SKILL.md tells the agent to install and act without asking; require explicit user consent and confirmation before any install or data-download actions. (2) Audit the npm package and its GitHub repository: verify the package author, fetch the tarball with npm pack (which downloads without running install scripts) and inspect its package.json for preinstall/postinstall hooks, review the source for network, exfiltration or privileged operations, run npm audit (which reports known vulnerabilities in the dependency tree but will not catch malicious code), and check recent package versions and maintainers. If you decide to try it, install in an isolated environment (sandbox or VM), limit network access if possible, and avoid granting broad credentials (AWS/GitHub tokens) until you have reviewed the code. If you do not trust the npm package or the linked repo cannot be verified, do not install.



Runtime requirements

🔬 Clawdis

Install

Install Scientify plugin (npm):

    npm i -g scientify
