Paper Code Joint Analysis
ReviewAudited by ClawScan on May 11, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (base64-block, unicode-control-chars); human review is required before treating this skill as clean.
Use this in a clean project directory and provide only the paper and repository you intend to analyze. Keep it in static-analysis mode unless you explicitly want to run experiments; if you do, isolate the environment and review commands. When building the reader, keep --out under the analysis folder and be careful with --force. If supply-chain assurance matters, verify or replace the bundled Mermaid/KaTeX assets and avoid optional CDN downloads. ClawScan detected prompt-injection indicators (base64-block, unicode-control-chars), so this skill requires review even though the model response was benign.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If reproduction mode is approved, untrusted research code may run locally, install packages, consume compute, or modify files.
The skill supports running target repository code only when the user asks for reproduction and permits dependency installation/script execution.
如果只想静态分析,要明确说“不运行训练”;如果要复现实验,要说明允许安装依赖和运行脚本。
Use static analysis by default; if running experiments, use a clean container or virtual environment and review commands before execution.
A mistaken --out path combined with --force could delete files outside the intended generated site directory.
The reader builder can delete and recreate an arbitrary output directory when --force is used with --out.
parser.add_argument("--out", ...); ... if out_dir.exists() and args.force:
shutil.rmtree(out_dir)Keep output paths inside the analysis workspace, avoid --force unless needed, and do not point --out at important existing directories.
Opening the generated reader executes bundled browser JavaScript, so users rely on the integrity of the packaged vendor asset.
The static scan flagged this large bundled minified Mermaid file as potentially obfuscated; minification is expected for a browser diagram library, but it is harder to audit.
A.labelStyle=A.labelStyle.replace("color:","fill:"))),A.id=y,A.class=T+" "...Prefer known Mermaid release artifacts with documented versions and hashes, or replace the bundled file with a verified upstream copy.
Using that option makes network requests to a third-party CDN and writes downloaded font files into the generated site.
The build helper optionally downloads KaTeX font files from jsDelivr when --install-katex-fonts is supplied.
KATEX_FONT_BASE_URL = "https://cdn.jsdelivr.net/npm/katex@0.16.11/dist/fonts" ... urllib.request.urlopen(request, timeout=30)
Run without the optional download when offline/provenance matters, or pin and verify downloaded assets before use.