Back to skill
Skillv1.0.2
VirusTotal security
arXiv to Zotero · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 17, 2026, 7:46 AM
- Hash
- 3d23280b81abadd44cf9891de0b7b55975008ee81af9da5d69740b65dfc2fc39
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: arxiv-to-zotero Version: 1.0.2 The arxiv-to-zotero skill bundle is well-structured and its functionality aligns strictly with the stated purpose of automating research paper imports. The Python script (scripts/main.py) uses standard libraries and subprocess calls to curl for PDF downloads in a safe manner (avoiding shell=True), and interacts only with legitimate endpoints (arXiv and Zotero APIs). No evidence of malicious intent, credential exfiltration, or prompt-injection attacks was found; the skill follows established OpenClaw patterns for configuration and secret management via environment variables.
- External report
- View on VirusTotal