Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Arxiv Translate Email
v1.0.0从 arXiv 下载论文并翻译为中文,发送至邮箱。当用户说"下载并翻译论文"、"翻译这篇文献"、"下载xxx论文并发送到我邮箱"时使用此技能。支持同步和异步两种模式。
⭐ 0· 39·0 current·0 all-time
by@ckqiao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The declared purpose (fetch arXiv, translate, email result) aligns with the provided send_email.py and SKILL.md examples. However, SKILL.md references many local scripts (/root/workspace/Remember/tasks/queue_manager.py, tasks/arxiv_worker.py, queue JSON) that are not included in the bundle, and it embeds service credentials (DeepSeek API key, QQ SMTP account) rather than declaring them as required environment variables. That mismatch (missing scripts + embedded external creds) is incoherent with a simple 'instruction-only' skill.
Instruction Scope
The runtime instructions tell the agent to run long-running local commands, manage a cron-driven worker, use a local venv binary (pdf2zh_next), and notify via QQ; they also instruct use of proxy env vars. The instructions reference filesystem paths (/root/workspace, translated/, source/) and a QQ notification target. Some of these referenced files/scripts are missing from the package, and the instructions require contacting external services (DeepSeek API and an SMTP server) using hard-coded keys — scope and external endpoints are broader than what is declared.
Install Mechanism
No install spec (instruction-only) and only one small helper script included. No remote downloads or install steps that would write arbitrary code to disk are present in the bundle itself.
Credentials
The SKILL.md and scripts contain hard-coded sensitive credentials: a DeepSeek API key and QQ SMTP username/password (also hard-coded into scripts/send_email.py). Yet the skill declares no required env vars or primary credential. Embedding third-party API keys and an SMTP account in code is disproportionate and risky: the SMTP account will relay files externally (potential data exposure), and the API key may be billed or audited by its owner. The skill does not ask you to supply your own credentials, which is suspicious.
Persistence & Privilege
always:false and no explicit install hooks — the skill does not demand elevated platform privileges. However SKILL.md instructs setting up cron jobs and a background worker; if the user or operator follows those instructions they will create periodic background activity on the host (not enforced by the bundle). That operational persistence is optional but should be considered.
What to consider before installing
Do not deploy this skill as-is. Specific concerns: (1) send_email.py includes hard-coded SMTP credentials and FROM address — these are likely not yours and will cause your translated documents to be sent through a third‑party mailbox (possible data exposure). (2) SKILL.md embeds a DeepSeek API key; using it may expose content to that service and could incur costs or logging. (3) The README references local scripts and paths that are missing from the package; running commands as shown may fail or perform unexpected work on /root. Recommended actions before using: remove or replace hard-coded secrets (put any API keys / SMTP creds in environment variables under your control), confirm ownership and intended use of the embedded credentials, inspect or obtain the missing queue_manager/worker scripts, run the translation pipeline in a controlled test directory, and only enable any cron/worker after auditing their code. If you cannot verify the owner of the embedded credentials or are uncomfortable sending document attachments via an external SMTP account, do not install or invoke this skill.Like a lobster shell, security has layers — review code before you run it.
latestvk9776rahm4fje2qm61wq0h4aps84pamd
License
MIT-0
Free to use, modify, and redistribute. No attribution required.