arxiv-to-beamer
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly does what it claims, but it extracts downloaded arXiv archives without path-safety checks, which could let a crafted paper source write files outside the intended temporary folder.
Review this skill before installing. Its API-key and provider use are expected for the task, but the archive extraction code should be hardened before running it on arbitrary arXiv papers.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a selected arXiv source archive is maliciously crafted, running the skill could overwrite or create files outside the temporary extraction directory under the user's account.
The script extracts a downloaded arXiv source archive directly into a directory without validating member names (absolute paths, `..` components) or member types (symlinks, hardlinks), so a crafted archive decides where its files land.
with tarfile.open(archive, "r:*") as tf:
    tf.extractall(src_dir)  # every member is written exactly as named: no path or link checks

Use safe extraction: reject absolute paths, `..` components, symlinks, and hardlinks; constrain each resolved path to the extraction directory; and, where the interpreter supports it (Python 3.12, backported to patch releases of 3.8 to 3.11 under PEP 706), pass `filter="data"` to `extractall` as a second layer.
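The hardened extraction the recommendation describes, written out as an added example; this is not code from the arxiv-to-beamer skill or from ClawScan, and the only thing taken from the page is the `tarfile.open(archive, "r:*")` / `extractall` pattern. It builds a constructed archive containing the four hostile member kinds the finding names, refuses each with a stated reason, extracts only the remaining regular files into a fresh directory, and, without touching the disk, reports where the original unfiltered `extractall` would have written or linked each member. The archive contents, member names and function names are illustrative assumptions.

```python
# Added example (not the skill's own code). Constructed archive + safe extractor.
import io
import os
import tarfile
import tempfile


def build_hostile_archive() -> bytes:
    """Constructed sample: one benign TeX file plus the four hostile member kinds."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tf:
        def add_file(name, data):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))

        def add_link(name, target, kind):
            info = tarfile.TarInfo(name)
            info.type = kind          # tarfile.SYMTYPE or tarfile.LNKTYPE
            info.linkname = target
            tf.addfile(info)

        add_file("paper/main.tex", b"\\documentclass{beamer}\n")          # benign
        add_file("../escape.tex", b"lands beside the extraction dir")     # traversal
        add_file("/etc/escape.txt", b"absolute member name")             # absolute
        add_link("paper/link", "../../target", tarfile.SYMTYPE)          # symlink out
        add_file("paper/link/payload", b"written through the symlink")   # via link
        add_link("paper/hard", "/etc/passwd", tarfile.LNKTYPE)           # hardlink out
    return buf.getvalue()


def reject_reason(member, dest_real):
    """Return why `member` must not be extracted into `dest_real`, or None if safe."""
    name = member.name
    if name.startswith("/") or os.path.isabs(name):
        return "absolute path"
    if ".." in name.split("/"):
        return "parent-directory traversal"
    if member.issym():
        return "symlink"
    if member.islnk():
        return "hardlink"
    if not (member.isfile() or member.isdir()):
        return "special file"   # devices, FIFOs: never part of a paper source
    target = os.path.realpath(os.path.join(dest_real, name))
    if os.path.commonpath([dest_real, target]) != dest_real:
        return "resolves outside destination"
    return None


def safe_extract(archive, dest):
    """Validate every member before writing anything; extract only the accepted ones.
    Returns (accepted_names, [(name, reason), ...])."""
    dest_real = os.path.realpath(dest)
    accepted, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:*") as tf:
        for m in tf.getmembers():
            reason = reject_reason(m, dest_real)
            if reason:
                rejected.append((m.name, reason))
            else:
                accepted.append(m)
        # Second layer: the stdlib 'data' filter (PEP 706) where this interpreter has it.
        extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
        tf.extractall(dest_real, members=accepted, **extra)
    return [m.name for m in accepted], rejected


def naive_escapes(archive, dest):
    """Names the original `tf.extractall(src_dir)` would write or link outside `dest`,
    computed lexically (nothing is written)."""
    dest_norm = os.path.normpath(os.path.abspath(dest))
    out = []
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:*") as tf:
        for m in tf.getmembers():
            paths = [os.path.join(dest_norm, m.name)]
            if m.issym():   # symlink target is relative to the link's directory
                paths.append(os.path.join(dest_norm, os.path.dirname(m.name), m.linkname))
            elif m.islnk(): # hardlink target is joined directly onto the destination
                paths.append(os.path.join(dest_norm, m.linkname))
            if any(os.path.commonpath([dest_norm, os.path.normpath(p)]) != dest_norm
                   for p in paths):
                out.append(m.name)
    return out


def demo():
    """Extract the constructed archive into a fresh `src` dir and report what happened."""
    data = build_hostile_archive()
    with tempfile.TemporaryDirectory() as parent:
        dest = os.path.join(parent, "src")   # stands in for the skill's src_dir
        os.mkdir(dest)
        accepted, rejected = safe_extract(data, dest)
        return {
            "accepted": accepted,
            "rejected": dict(rejected),
            "main_tex_extracted": os.path.isfile(os.path.join(dest, "paper", "main.tex")),
            "escaped_to_parent": os.path.exists(os.path.join(parent, "escape.tex")),
            "naive_escapes": naive_escapes(data, dest),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Run it directly to print the report. arXiv source tarballs are TeX, BibTeX and figure files, so refusing every symlink and hardlink costs nothing and is simpler than reasoning about link targets; validating all members before the first write matters because a link extracted early can redirect later members. The stdlib `filter="data"` is kept as a second layer only where the interpreter supports it, not as the sole check.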
The skill can use the configured OpenRouter and MinerU accounts for API calls when invoked.
The skill requires provider API credentials for OpenRouter and optionally MinerU. This is expected for its purpose, but users should recognize that those accounts may be billed or rate-limited.
Env var `OPENROUTER_API_KEY` must be exported in the shell. Env var `MINERU_API_TOKEN` should be exported when the paper might be PDF-only.
Use least-privilege or dedicated API keys where possible, monitor provider usage, and declare these environment variables in registry metadata.
Paper content and PDF URLs are shared with third-party services during normal operation.
The skill intentionally sends extracted paper source text to OpenRouter, and may send the arXiv PDF URL to MinerU for parsing. This provider data flow is disclosed and purpose-aligned.
Builds a prompt containing the collected source (truncated to `--max-chars`) and asks the model
Use this only for papers you are comfortable sending to those providers, and review provider data-retention and privacy policies.
