ClawHub

Academic Research Hub

v0.1.0

Use this skill when users need to search academic papers, download research documents, extract citations, or gather scholarly information. Triggers include: requests to "find papers on", "search research about", "download academic articles", "get citations for", or any request involving academic databases like arXiv, PubMed, Semantic Scholar, or Google Scholar. Also use for literature reviews, bibliography generation, and research discovery. Requires OpenClawCLI installation from clawhub.ai.

7· 5.4k·51 current·53 all-time
byAnis Afifi@anisafifi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the included code and docs: the Python script and docs implement multi-source academic search, PDF download, citation extraction, and export formats. Minor oddity: SKILL.md and README insist on installing an external 'OpenClawCLI' from clawhub.ai even though the shipped code is a standalone Python script — that CLI may not be required to run the provided code. Dependency lists also differ between SKILL.md (mentions 'scholarly' and 'pubmed-parser') and scripts/requirements.txt (uses biopython, semanticscholar, arxiv). These inconsistencies are likely sloppy packaging rather than malicious, but they should be clarified.
Instruction Scope
Runtime instructions are focused on installing Python packages and running scripts, which is expected. The script performs network operations (calls arXiv, Semantic Scholar, PubMed via Entrez, and downloads PDFs via requests). It does not request or appear to read system credentials or arbitrary local files in the provided portions. Two cautionary points: (1) SKILL.md suggests using 'scholarly' (a Google Scholar scraper) — scraping Google Scholar may violate terms of service and can trigger rate-limiting; (2) the script will perform outbound network requests and file writes (PDF downloads) — review for compliance with copyright and network policies.
Install Mechanism
There is no platform install spec (instruction-only plus included Python files). Installation is via pip as documented; that's low-to-moderate risk. However, the package lists are inconsistent (SKILL.md vs requirements.txt vs script docstring), so a user following instructions may install different packages than the code actually uses. No obscure download URLs or archives are present in the bundle itself.
Credentials
The skill does not request environment variables, secrets, or config paths. The PubMed handler requires an email address (NCBI Entrez best practice) which the script accepts as a parameter and defaults to a placeholder; no API keys or tokens are required by the included code. This is proportionate to the described functionality.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent platform privileges. It does network I/O and writes downloaded PDFs to disk (as expected for its purpose), but it does not attempt to modify other skills or system-wide agent config in the provided files.
Assessment
Before installing or running this skill, consider the following: - Clarify OpenClawCLI: SKILL.md mentions installing OpenClawCLI (clawhub.ai). Ask whether that CLI is actually required to use the included scripts; it appears to be optional. Verify the source and trustworthiness of that CLI before installing. - Dependency mismatches: The README, SKILL.md, requirements.txt, and the script docstring list slightly different Python packages (e.g., 'scholarly' vs 'biopython'/'pubmed-parser'). Use the included scripts/requirements.txt and inspect scripts/research.py to decide the exact packages to install, ideally inside a virtualenv. - Network & legal: The script makes outbound HTTP requests and downloads PDFs. Ensure you comply with publisher/DB terms of service and copyright/licensing when downloading or redistributing full texts. Using 'scholarly' to scrape Google Scholar can violate terms and be rate-limited. - Rate limits and email: PubMed/NCBI requires an email for polite use of Entrez; provide a valid contact email and respect rate limits. Semantic Scholar and other APIs may also have rate limits or optional API keys. - Run isolated & inspect: Run the code in an isolated virtual environment or container, review the full scripts/research.py (the repository had a truncated snippet in the copy you provided) to confirm no hidden endpoints or unexpected behavior, and monitor network activity on first runs. If you want, I can: (1) compare the complete scripts/research.py to requirements.txt to produce an exact install command, (2) scan the remainder of scripts/research.py (it was truncated in the bundle you pasted) for any unexpected network endpoints or file accesses, or (3) produce a safe, minimal virtualenv install + run checklist.

Like a lobster shell, security has layers — review code before you run it.

latestvk97a5zxhk789ekd4n1bj9qe09n80s576

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments