v1.0.0

Paper Defense Q&A + Code Audit + Visual Answer Cards

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 12:11 PM.

Analysis

This appears to be a coherent paper-defense preparation skill; the main cautions are that it may summarize private research/code artifacts and optionally hand prompt packs to an external image model.

GuidanceThis skill looks reasonable for preparing a paper defense. Before installing or using it, make sure you only provide the paper, code, logs, and checkpoints you intend to analyze; remove secrets and unrelated private data; review generated defense bundles before sharing; and use external image-generation APIs only after explicit approval.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

README.md

推荐输入 ... 官方或复现代码仓库 ... 训练脚本、评估脚本、配置文件、日志、checkpoint、seed、硬件信息 ... 主要输出 generated/defense/<paper-slug>/defense_qa_bank_cn.json ... visual_qa_storyboard_cn.json

The skill is designed to ingest research/code/training artifacts and produce persistent derivative defense files. That is purpose-aligned, but the generated outputs may preserve proprietary code details, experiment logs, or unpublished research content.

User impactPrivate paper materials, code paths, training logs, or experiment details could be copied into generated Q&A banks and visual prompt files.

RecommendationUse a scoped project folder, remove secrets or unrelated private files before providing artifacts, and review generated bundles before sharing them.

Insecure Inter-Agent Communication

SeverityLowConfidenceHighStatusNote

workflow/08_visual_qa_storyboard.md

请把 visual_qa_storyboard_cn.json 交给 ChatGPT Images 2.0 / gpt-image-2 或用户批准的高级文生图 API。不要在当前文字回答步骤中直接混合执行生图。

The workflow contemplates handing the visual storyboard to an external image model/API. It is explicitly separated from the text step and tied to user approval, but it can still disclose paper-defense content to a third-party provider.

User impactIf used, visual prompts may send paper-specific questions, claims, and evidence summaries to an external image-generation service and may incur provider costs.

RecommendationOnly use the image-generation handoff after confirming the provider, cost, and data-sharing policy; redact confidential research details from prompt packs when necessary.