ClawHub

arXiv 论文推荐器

v1.1.0

推荐高质量的 Agent/RAG 论文。当用户提到"推荐论文"、"arxiv论文"、"Agent论文"、"RAG论文"、"论文推荐"、"看论文"、"找论文"、"最近有什么好论文"时触发此技能。支持主题:Agent测评、RAG测评、Agent架构、RAG架构。自动验证 GitHub 代码,生成结构化报告。

0· 195·0 current·0 all-time
by@devioslang
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (arXiv paper recommender that verifies GitHub code and generates reports) matches the included scripts (search.py, recommend.py, analyze.py). The required operations (fetch arXiv, fetch arXiv pages, call GitHub repo API, analyze text, write Markdown reports) are all consistent with the stated functionality.
Instruction Scope
SKILL.md instructs running the bundled recommend.py and reading reports. The runtime instructions and scripts only reference arXiv and GitHub endpoints and local files (~/papers/* and ~/.openclaw/.../scripts). The skill reads/writes its own history and report files (~/papers/history.json and ~/papers/recommendations/...), which is expected for a recommender and not outside the declared scope.
Install Mechanism
No install spec; code is included and run directly (instruction-only install). No downloads from external URLs or package installs are invoked by the skill itself, so there is no high-risk install mechanism in the bundle.
Credentials
The skill requires no environment variables or credentials. It uses public arXiv endpoints and unauthenticated GitHub API calls (api.github.com). No secrets are requested or accessed, so credential requests are proportionate to the described task.
Persistence & Privilege
The skill persists state by creating and updating files under the user's home directory: ~/papers/history.json and Markdown reports under ~/papers/recommendations. always:false (normal). This is within reason for a recommender, but users should be aware of the local file writes and the path hardcoded in SKILL.md.
Assessment
This skill appears coherent and implements what it claims: it queries arXiv and arxiv.org pages, calls the public GitHub repo API (unauthenticated), analyzes abstracts, and writes recommendations and a small history to ~/papers. Things to consider before installing: 1) it will perform outbound HTTP(S) requests to export.arxiv.org, arxiv.org, and api.github.com — ensure your environment/network policy allows that; 2) it writes files to your home directory (~/papers); review or sandbox those writes if you have policy or privacy concerns; 3) GitHub API calls are unauthenticated and subject to rate limits — if you expect heavy use you may want to modify the code to use a token (this would require adding a credential); 4) if you want to audit behavior, inspect the three scripts (search.py, recommend.py, analyze.py) — they are short and readable; 5) the SKILL.md path suggestions assume the skill lives under ~/.openclaw/workspace/skills/, so confirm that path before running. Overall the skill is internally consistent, but follow standard caution: review included scripts and run in a controlled environment if you have strict security requirements.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dkytz6hen6fe56kjenk72cx82z5ss

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments