Abstract Searcher
ReviewAudited by ClawScan on May 10, 2026.
Overview
The API-based abstract lookup is purpose-aligned, but the documented browser fallback asks the agent to use your logged-in Chrome profile and even another automation skill, which needs review before use.
The local/API script appears aligned with adding abstracts, but treat the browser fallback as sensitive. Prefer API-only use first. If browser fallback is necessary, use a separate Chrome profile, avoid institutional or personal sessions unless you explicitly approve them, and do not allow another automation skill to auto-click browser relay controls.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Bibliography details from the input .bib file may be queried against public academic APIs.
The skill discloses external API lookups, which are purpose-aligned for finding abstracts but send paper titles and related bibliographic search terms to third-party services.
Search for the abstract using multiple sources: ... arXiv API ... Semantic Scholar API ... CrossRef API ... OpenAlex API
Use the API path only with bibliographies you are comfortable querying externally, especially if entries include unpublished or sensitive work.
The agent may attach and operate your real browser session as part of the fallback workflow, not just run the local abstract-search script.
The browser fallback suggests chaining browser relay with another GUI automation skill to attach Chrome, which could bypass an intentional user click and gives the agent broader control over the user's live browser.
# If no tabs, ask user to click the Clawdbot Browser Relay toolbar icon # Or use mac-control skill to auto-click it
Require explicit confirmation before browser relay use, do not auto-click browser controls with another skill, and prefer API-only processing unless browser access is truly needed.
The agent could browse as you on Google Scholar or publisher sites and view session-protected pages through your logged-in or institutional access.
The skill directs the agent to use existing Chrome login and institutional sessions, while the metadata declares no primary credential and the instructions do not clearly bound which accounts, sites, or session-protected content may be accessed.
Use `profile=chrome` to use real Chrome with your login sessions ... ScienceDirect/IEEE may need institutional login (your Chrome has it)
Use a separate browser profile with minimal logins, get explicit per-site approval before using authenticated sessions, and update the skill metadata/instructions to disclose and scope session use.