Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
hugging-face daily papers
v1.0.0 · Fetch and digest HuggingFace Daily Papers. Use when the user asks for today's HF papers or a daily paper digest, wants a paper report, or says 论文精选 (selected papers) / 今日论文 (today's papers) / HF daily pap...
⭐ 0 · 35 · 0 current · 0 all-time
by @godiao
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
The name and description match the behavior: the script fetches the HuggingFace daily papers feed and formats the results. Requiring an HF read token is coherent with calling the HF API. However, the registry metadata declares no required environment variables and no primary credential, while the runtime instructions and the script explicitly require HF_TOKEN; this metadata omission is inconsistent and worth flagging.
Instruction Scope
SKILL.md and SKILL_zh.md limit actions to fetching data from the HF API, cleaning it, scoring it, and writing hf_results.json. The instructions do not request unrelated files, system-wide config, or unknown external endpoints. They do instruct the user to set HF_TOKEN in the environment; the Python script reads only that env var and writes a local hf_results.json.
Install Mechanism
There is no install spec (an instruction-only skill with an included script), which is the lower-risk model. Note that the Python script depends on the 'requests' library and a Python runtime, but SKILL.md does not list these runtime dependencies; this is an operational omission rather than an obvious security risk, but it could cause failures.
Credentials
The script requires HF_TOKEN (a HuggingFace token), which is appropriate for calling the HF API. However, the skill registry metadata declares no required env vars and no primary credential; this mismatch is suspicious because users installing skills expect to see required credentials upfront. Recommendation: create a minimal read-only token dedicated to this skill and verify the token's scope before use.
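One way to act on that recommendation, as an added example (not code from the skill or from ClawHub): before the first API request, the skill runner looks the token up at the HuggingFace whoami-v2 endpoint and refuses anything that is not read-only. The response shape used here (an auth.accessToken object with a role of "read", "write" or "fineGrained", and fine-grained permission strings such as "repo.content.read") is an assumption about the HuggingFace API; the sample responses are constructed so the check runs offline, and only fetch_whoami() touches the network.

```python
"""Check that the HF_TOKEN handed to the skill is read-only before using it.

Added example, not code from the skill or from ClawHub. The decision logic
works on the JSON that GET https://huggingface.co/api/whoami-v2 returns for a
bearer token; the shape assumed here is an "auth.accessToken" object whose
"role" is "read", "write" or "fineGrained", with fine-grained tokens carrying
a "fineGrained" block of permission strings. The sample responses below are
constructed so the check runs offline; fetch_whoami() does the live lookup.
"""
import json
import os
import urllib.request

WHOAMI_URL = "https://huggingface.co/api/whoami-v2"


def fetch_whoami(token: str) -> dict:
    """Live lookup over the network; not exercised by the offline samples."""
    req = urllib.request.Request(WHOAMI_URL, headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def _fine_grained_permissions(fine: dict) -> list:
    """Flatten the global and per-entity permission lists of a fine-grained token."""
    perms = list(fine.get("global") or [])
    for scoped in fine.get("scoped") or []:
        perms.extend(scoped.get("permissions") or [])
    return perms


def token_is_read_only(info: dict) -> tuple:
    """Return (ok, reason). Anything unrecognised is rejected (fail closed)."""
    access = (info.get("auth") or {}).get("accessToken") or {}
    role = access.get("role")
    if role == "read":
        return True, "classic read token"
    if role == "write":
        return False, "classic write token can push to repos; do not use it for a fetch-only skill"
    if role == "fineGrained":
        perms = _fine_grained_permissions(access.get("fineGrained") or {})
        non_read = [p for p in perms if not p.endswith(".read")]
        if non_read:
            return False, "fine-grained token grants non-read permissions: " + ", ".join(non_read)
        return True, "fine-grained token limited to read permissions"
    return False, f"unrecognised or missing token role {role!r}; refusing to use it"


def check_env_token() -> tuple:
    """What the skill runner would call before its first API request (network)."""
    token = os.environ.get("HF_TOKEN")
    if not token:
        return False, "HF_TOKEN is not set"
    return token_is_read_only(fetch_whoami(token))


# Constructed responses, trimmed to the fields the check reads.
SAMPLE_READ = {"name": "alice", "auth": {"type": "access_token",
               "accessToken": {"displayName": "hf-papers", "role": "read"}}}
SAMPLE_WRITE = {"name": "alice", "auth": {"type": "access_token",
                "accessToken": {"displayName": "laptop", "role": "write"}}}
SAMPLE_FINE_OK = {"name": "alice", "auth": {"type": "access_token", "accessToken": {
    "displayName": "hf-papers-fg", "role": "fineGrained",
    "fineGrained": {"global": ["repo.content.read"], "scoped": []}}}}
SAMPLE_FINE_BAD = {"name": "alice", "auth": {"type": "access_token", "accessToken": {
    "displayName": "ci", "role": "fineGrained",
    "fineGrained": {"global": [], "scoped": [{"entity": {"type": "user", "name": "alice"},
                                             "permissions": ["repo.content.read", "repo.write"]}]}}}}
SAMPLE_NO_TOKEN = {"name": "alice"}  # e.g. a cookie session: no token metadata at all

if __name__ == "__main__":
    for label, sample in [("read", SAMPLE_READ), ("write", SAMPLE_WRITE),
                          ("fine-ok", SAMPLE_FINE_OK), ("fine-bad", SAMPLE_FINE_BAD),
                          ("no-token", SAMPLE_NO_TOKEN)]:
        print(f"{label:9s} {token_is_read_only(sample)}")
```

The check fails closed: a missing or unfamiliar role is rejected rather than assumed harmless, so a future token type cannot slip through as "read".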
Persistence & Privilege
The skill does not request permanent/always-on presence and does not modify other skills or system configs. It writes a single output file (hf_results.json) in the working directory. Autonomous invocation is allowed (the platform default), but no additional elevated privileges are requested.
What to consider before installing
This skill appears to be what it claims: it fetches HuggingFace daily papers and writes a local hf_results.json. Before installing, note two practical points and one security point:

(1) Metadata omission: the registry does not declare HF_TOKEN as a required credential even though SKILL.md and the script require it; expect to provide HF_TOKEN yourself.

(2) Runtime dependency: the script uses the Python 'requests' library but the skill does not list this dependency; make sure Python and requests are installed.

(3) Token scope and trust: create a dedicated HuggingFace read-only token for this skill (do not reuse high-privilege tokens) and review the short script yourself (it should only call huggingface.co and write a local JSON file). If you do not trust the skill source (the owner is unknown), run it in an isolated environment or container. If the owner can be verified, ask them to update the registry metadata to declare HF_TOKEN and list the runtime dependencies so the inconsistency goes away.

Like a lobster shell, security has layers — review code before you run it.
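The review in point (3) can be partly automated. The following added example (not the skill's code and not ClawHub's scanner) walks a script's AST to collect the environment variables it reads, the hosts named in its URL literals and the files it opens for writing, then compares the env vars with what the registry metadata declares. The script and metadata embedded below are constructed stand-ins modelled on this page's findings (HF_TOKEN read, nothing declared), not the real skill files, and the metadata keys "env" and "primaryCredential" are assumptions about the registry format.

```python
"""Static pre-install review: what a skill's script reads, calls and writes
versus what its registry metadata declares.

Added example, not the skill's code or ClawHub's scanner. SAMPLE_SCRIPT and
SAMPLE_METADATA are constructed stand-ins modelled on the findings above; the
metadata keys "env" and "primaryCredential" are assumptions about the registry.
"""
import ast
import json
import re
from urllib.parse import urlparse

SAMPLE_SCRIPT = '''
import json
import os
import requests

TOKEN = os.environ["HF_TOKEN"]
URL = "https://huggingface.co/api/daily_papers"
resp = requests.get(URL, headers={"Authorization": f"Bearer {TOKEN}"})
with open("hf_results.json", "w") as fh:
    json.dump(resp.json(), fh)
'''

SAMPLE_METADATA = {"name": "hugging-face daily papers", "env": [], "primaryCredential": None}


def _is_os_environ(node) -> bool:
    """True for the expression `os.environ`."""
    return (isinstance(node, ast.Attribute) and node.attr == "environ"
            and isinstance(node.value, ast.Name) and node.value.id == "os")


class _Collector(ast.NodeVisitor):
    def __init__(self):
        self.env_vars, self.hosts, self.writes = set(), set(), set()

    def visit_Subscript(self, node):
        # os.environ["NAME"]  (node.slice is the key expression on Python 3.9+)
        key = node.slice
        if _is_os_environ(node.value) and isinstance(key, ast.Constant):
            self.env_vars.add(str(key.value))
        self.generic_visit(node)

    def visit_Call(self, node):
        func = node.func
        first = node.args[0] if node.args and isinstance(node.args[0], ast.Constant) else None
        # os.getenv("NAME") and os.environ.get("NAME")
        if isinstance(func, ast.Attribute) and first is not None and (
            (func.attr == "getenv" and isinstance(func.value, ast.Name) and func.value.id == "os")
            or (func.attr == "get" and _is_os_environ(func.value))
        ):
            self.env_vars.add(str(first.value))
        # open(path, mode) with a mode that can create or modify the file
        if isinstance(func, ast.Name) and func.id == "open" and first is not None:
            mode = "r"
            if len(node.args) > 1 and isinstance(node.args[1], ast.Constant):
                mode = str(node.args[1].value)
            for kw in node.keywords:
                if kw.arg == "mode" and isinstance(kw.value, ast.Constant):
                    mode = str(kw.value.value)
            if any(ch in mode for ch in "wax+"):
                self.writes.add(str(first.value))
        self.generic_visit(node)

    def visit_Constant(self, node):
        # every string literal that is a URL names an outbound host
        if isinstance(node.value, str) and re.match(r"https?://", node.value):
            self.hosts.add(urlparse(node.value).hostname or node.value)


def review_script(source: str, metadata: dict) -> dict:
    """Summarise the script and list env vars the metadata failed to declare."""
    collector = _Collector()
    collector.visit(ast.parse(source))
    declared = set(metadata.get("env") or [])
    if metadata.get("primaryCredential"):
        declared.add(metadata["primaryCredential"])
    return {
        "env_vars": sorted(collector.env_vars),
        "undeclared_env_vars": sorted(collector.env_vars - declared),
        "hosts": sorted(collector.hosts),
        "writes": sorted(collector.writes),
    }


if __name__ == "__main__":
    report = review_script(SAMPLE_SCRIPT, SAMPLE_METADATA)
    print(json.dumps(report, indent=2))
    if report["undeclared_env_vars"]:
        print("FLAG: script reads env vars the registry metadata does not declare")
```

Run against the constructed sample this reports HF_TOKEN as undeclared, huggingface.co as the only host and hf_results.json as the only file written, which is the picture the scan above describes. It is a literal-string check only: a host or env var name built at runtime will not show up, so an empty "hosts" list is a reason to read the script more carefully, not a clean bill of health.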
latest: vk973gsyvqv6x8t5p6n70yamb7d841w8c
