Skill v0.0.1
ClawScan security
zotero-paper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 15, 2026, 3:54 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, runtime instructions, and requested environment variable align with its stated purpose (saving papers to a Zotero library) and do not request unrelated credentials or perform unexpected network exfiltration.
- Guidance: This skill appears to do exactly what it says: it will use the ZOTERO_CREDENTIALS (format userID:apiKey) you provide to create Zotero items, add a note with any AI summary, and optionally download PDFs from arXiv to attach to those items. Before installing: confirm you are comfortable granting this API key write access to your Zotero account; verify the Homebrew 'uv' formula is the expected runner for your environment (or run the script directly with Python and install pyzotero manually); and ensure you do not supply broader or unrelated credentials. If you use group libraries, note the script hardcodes library_type='user' (it may not work for group libraries without modification). Finally, review and keep the API key private, since the skill can upload items and attachments to your Zotero account.
Review Dimensions
- Purpose & Capability (ok): Name/description, SKILL.md, and the included script consistently implement saving metadata, notes, and PDF attachments to Zotero using an API key (ZOTERO_CREDENTIALS in userid:apiKey format). The requested binary 'uv' is used only as the platform runner for the Python script and is proportionate to the task.
- Instruction Scope (ok): SKILL.md instructs running the bundled Python script with title/authors/url/etc.; the script only reads ZOTERO_CREDENTIALS and the provided CLI args, calls the Zotero API via pyzotero, and (optionally) downloads PDFs from arxiv.org. There are no instructions to read unrelated files or other env vars, or to send data to unexpected endpoints.
- Install Mechanism (note): The install spec requests a Homebrew formula 'uv' to provide the runner binary — acceptable if 'uv' is the intended platform runner. The Python dependency pyzotero is declared in the script header, but no explicit pip install step is provided in the brew install section; depending on the execution environment, the pyzotero dependency may need to be installed separately.
- Credentials (ok): Only a single environment variable (ZOTERO_CREDENTIALS) is required, and it is directly used to authenticate to Zotero. No unrelated tokens, secrets, or config paths are requested.
- Persistence & Privilege (ok): The skill is not always-on and does not request elevated or cross-skill configuration changes. It performs actions only when invoked and uses the provided Zotero credentials to write to the user's library, which matches its purpose.
