Skill v0.1.0
ClawScan security
SemanticScholar Search Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 27, 2026, 1:17 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to implement the advertised Semantic Scholar queries and requires no unusual credentials, but the README's install guidance includes remote install commands (curl | sh, and npx pulling directly from a third-party GitHub repository) and the package source/homepage are unknown. Those factors merit caution before installing.
- Guidance: The skill's code and documentation are internally consistent with a Semantic Scholar client, but exercise caution before installing from an unverified source. Recommendations:
  - Prefer cloning the repository and reviewing the files locally rather than running remote installers (avoid curl | sh).
  - Inspect the GitHub repo (owner JackKuo666) and its commit history; confirm the code matches the packaged files.
  - Install dependencies inside an isolated virtual environment or sandbox (venv or container) rather than system-wide.
  - Do not pipe the recommended installer script (astral.sh) into sh unreviewed. It is uv's own installer rather than a third-party tool, but a fetch-and-pipe install executes whatever the server returns; download and read the script first, or install uv from a package manager.
  - If you need higher rate limits, expose an official Semantic Scholar API key only to the local process, in a safe environment.
  If you can verify the repository and avoid running unreviewed remote scripts, the skill appears reasonable; if you cannot verify the source, do not install.
Review Dimensions
- Purpose & Capability
- ok: Name, description, SKILL.md, README, requirements.txt and the Python code all align: the code uses the semanticscholar library to search papers and fetch paper/author details and citations. Declared dependencies (semanticscholar, requests) match the implementation.
- Instruction Scope
- ok: SKILL.md instructs the agent to perform searches, fetch paper/author details, and output results (console or JSON). The instructions and examples reference only the Semantic Scholar API and local output files; there are no instructions to read unrelated system files, sweep environment variables, or send data to unexpected endpoints.
- Install Mechanism
- concern: The registry contains no formal install spec, but the README recommends installation methods that fetch code from an external GitHub user and run a remote installer (curl -LsSf https://astral.sh/uv/install.sh | sh). Piping a downloaded script into a shell, or using npx to pull directly from an external repository, executes code on the host that nobody has reviewed. The GitHub owner is not marked authoritative or verified in the metadata, and no release-host verification is provided.
- Credentials
- ok: The skill requires no environment variables by default and documents only an optional SEMANTIC_SCHOLAR_API_KEY for higher rate limits, which is proportionate for the described API usage. The code does not request unrelated secrets or multiple unrelated credentials.
- Persistence & Privilege
- ok: Skill flags indicate no forced always-on presence; it is user-invocable and allows normal autonomous invocation. The package does not request system-wide config modifications in the files provided, and there is no evidence that it modifies other skills or global settings.
