Skill v1.0.1

ClawScan security

ZeeLin Liberal Arts Paper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 4, 2026, 3:06 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent with its stated purpose: it is an instruction-only, local paper-generation helper that reasonably requests file-system access to read templates and write outputs and does not ask for unrelated credentials or installs.
Guidance
What to consider before installing: (1) Functionality matches its claim: it operates locally and reads templates; that requires file-system access to your OpenClaw workspace — avoid storing secrets or unrelated private files in that workspace. (2) The skill promises no network calls, but because this is instruction-only you should verify the skill's source (homepage/author) if you need higher assurance. (3) The templates ask for very long sections and numbered citations; do not assume generated citations or factual claims are correct—always review and verify sources manually. (4) For academic integrity: use outputs as drafts/ideas only, cite original sources properly, and do not submit generated text without human editing. (5) If you are concerned about privacy or untrusted code, run the skill in an isolated workspace or sandbox and inspect the templates (references/prompts_zh.md and SKILL.md) before use.

Review Dimensions

Purpose & Capability
ok: The skill's name and description (Chinese liberal-arts paper generation) match the declared runtime needs: it declares file-system capability and reads local template files (references/prompts_zh.md) and writes outputs. No environment variables, external APIs, or unrelated binaries are requested — this is proportionate for a local document-generation tool.
Instruction Scope
note: SKILL.md gives detailed, narrowly scoped instructions for generating title, outline, and chapters and explicitly says processing is local and templates are read from references/prompts_zh.md. Two points to note: (1) templates mandate very large section lengths (e.g., '论证' >8000 words) which may be resource-intensive and could lead to excessive token usage or truncation; (2) templates require numbered citations and heavy factual claims but the skill has no mechanism to verify references — this can lead to hallucinated or fabricated citations if the agent fabricates rather than strictly paraphrases user-provided references. From a security perspective the instructions do not direct the agent to read unrelated system paths or send data externally.
Install Mechanism
ok: This is an instruction-only skill with no install spec and no code files to execute. That minimizes installation risk: nothing is downloaded or written to disk by an installer. The only runtime requirement is file-system access to read templates and save outputs.
Credentials
note: The skill requires no environment variables or external credentials and only requests file-system capability. File-system access is proportionate (templates and user-supplied references must be read/written). Users should note that file-system capability grants the skill access to the OpenClaw workspace area — any sensitive files stored there could be read by the skill if referenced or misused, so avoid placing secrets in the workspace.
Persistence & Privilege
ok: The skill does not request permanent presence (always:false), does not modify other skills, and is user-invocable. It allows normal autonomous invocation (disable-model-invocation:false), which is the platform default and expected for skills. There is no evidence it attempts to persist credentials or alter global settings.