arXiv 论文推荐器
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill appears to do what it claims: search public arXiv/GitHub information, generate a local paper recommendation report, and keep a small local history.
Before installing, be aware that this skill runs included Python scripts, contacts public arXiv and GitHub endpoints, and saves recommendation reports/history in ~/papers. No malicious behavior or credential handling is evident from the artifacts.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
When triggered, the skill may run its local script to fetch public paper data and generate files on your machine.
The skill asks the agent to run an included local Python script. This is central to the recommender workflow and is disclosed, but users should know the skill executes local code when invoked.
cd ~/.openclaw/workspace/skills/arxiv-paper-recommender/scripts python3 recommend.py [topic]
Install only if you are comfortable with the included Python scripts running for this paper-search task.
The registry may make the skill look more self-contained than it is; in practice it needs Python and internet access.
The skill discloses Python and network dependencies, while the registry requirements list no required binaries or capability tags. This is an under-declaration rather than evidence of hidden behavior.
- Python 3.8+ - arXiv API(免费,无需密钥) - GitHub API(公开接口) - 网络访问
Confirm your environment has Python 3 and that you are comfortable allowing the skill to contact arXiv and GitHub.
A local file may reveal which papers or topics were recommended to you.
The skill keeps persistent local history of recommended papers. This is disclosed and scoped to paper IDs/titles/topics, but it is still persistent user activity data.
记录用户已推荐的论文,避免重复: // 保存到 ~/papers/history.json
Delete ~/papers/history.json and generated reports if you do not want this recommendation history retained.