v0.9.1

arxiv-daily

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:17 AM.

Analysis

This skill appears aligned with fetching and summarizing arXiv papers, with only disclosed setup, scheduling, local storage, and dependency-install notes to review.

GuidanceBefore installing or using this skill, confirm the arXiv categories, schedule, and push destination. If you run scripts/run.sh, consider using a virtual environment and installing reviewed dependency versions. Make sure you know how to edit or remove the timers and local configuration files later.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

scripts/run.sh

pip3 install requests beautifulsoup4 -q

The helper script installs third-party Python packages if they are missing, and the packages are not version-pinned. This is relevant supply-chain behavior, although the packages are expected for fetching and parsing arXiv pages.

User impactRunning the helper may install external packages into the user's Python environment.

RecommendationReview the dependency install behavior and consider installing pinned versions in a virtual environment before running the script.

Rogue Agents

SeverityLowConfidenceHighStatusNote

SKILL.md

引导用户创建定时器（提取任务 + 推送任务）

The skill is designed to support recurring scheduled fetch and push tasks. This persistence is disclosed and central to the daily-paper purpose, but users should be aware it may continue running on a schedule.

User impactThe skill may keep fetching papers and pushing summaries at configured times until the user disables the timers.

RecommendationCreate timers only after confirming the schedule, destination, and how to disable or edit the recurring tasks.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityLowConfidenceHighStatusNote

SKILL.md

channel: WeCom, account: papa_wecom, chat_id: wecom-agent:LinHaoWei

The configuration includes a messaging channel, account, and chat ID for push delivery. This is expected for a paper-push skill, but it represents delegated authority to send messages to a configured destination.

User impactIf the destination is misconfigured, paper summaries or subscription preferences could be sent to the wrong chat or account.

RecommendationVerify the channel, account, and chat ID before enabling scheduled pushes.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityInfoConfidenceHighStatusNote

SKILL.md

生成配置文件 like-<category>.txt 保存到 references/ 目录

The skill stores user preferences, schedules, and push configuration in local reference files that are later scanned and reused. This persistent local state is purpose-aligned but should be kept accurate and protected from unwanted edits.

User impactChanged or incorrect config files could affect which papers are fetched and where summaries are sent.

RecommendationKeep the references/ configuration files in a trusted location and review them when changing categories, schedules, or push destinations.