Back to skill
Skillv0.0.1
VirusTotal security
zotero-sholar · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:50 AM
- Hash
- a3ef4f78b57d2106a3c5ac254d9fcf17219a593e41713a946ac0f1eedd2579af
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: zotero-sholar Version: 0.0.1 The skill's purpose is to save papers and abstracts to Zotero. The `SKILL.md` provides clear instructions and does not contain any prompt injection attempts. The `scripts/save_paper.py` script uses the legitimate `pyzotero` library to interact with the Zotero API, authenticating via the `ZOTERO_CREDENTIALS` environment variable. It includes functionality to download and attach PDFs from arXiv, using `urllib.request` and `tempfile.TemporaryDirectory()` for safe handling. There is no evidence of data exfiltration, unauthorized command execution, persistence mechanisms, or other malicious intent. The code aligns with its stated purpose.
- External report
- View on VirusTotal