Skill v1.0.0

ClawScan security

Scholar Research · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 28, 2026, 7:06 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, documentation, and runtime instructions match its stated purpose (searching, scoring, summarizing, and extracting figures from open-access papers); it requests no secrets and has no installer, though a few non-security issues are noted (a hardcoded test path, reliance on system PDF tools).
Guidance
This repository appears coherent with its description: it searches public academic APIs, downloads PDFs, scores and summarizes papers, and extracts figures using optional system tools. Before installing or running it, consider:

1) Run it in a sandbox or VM, since it performs network requests and writes downloaded PDFs to disk.
2) Figure extraction calls pdftotext/pdfimages (Poppler) via subprocess; install those if you want full functionality, or disable figure extraction.
3) test_runner.py contains a hardcoded chdir to '/home/bigclaw/.openclaw/…'. Do not run that file as-is; it is a development/test artifact.
4) Provide API tokens/email only for services you trust, and avoid putting sensitive credentials in config files you share.
5) The package has minor packaging/path issues (CLI entry point and imports); these are engineering issues, not security problems.

If you want higher assurance, request provenance (homepage/source repo) from the publisher, or run the code in an isolated environment and audit its network behavior during a sample run.
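The checks in the guidance above (hardcoded chdir paths, subprocess calls to external binaries, outbound network code, credential fields in config files) can be run mechanically over an unpacked skill before it is installed. The script below is an added example written for this report; it is not code from the scanned skill or from ClawHub. SAMPLE_PACKAGE is a constructed stand-in for a skill's files, and its paths, config keys and token value are made up for the example.

```python
"""Static triage of a Python skill package before installing it.

Added example for this report, not code from the scanned skill or from
ClawHub. It flags os.chdir() on a hardcoded absolute path, subprocess calls
(and shell=True), outbound network imports, and credential-looking keys in a
JSON config together with whether they already hold a value.
"""
import ast
import json

NETWORK_MODULES = {"requests", "urllib", "http", "httpx", "socket", "aiohttp"}
CREDENTIAL_HINTS = ("token", "key", "secret", "password", "email")


def _dotted_name(node):
    """Render a Name/Attribute chain such as os.chdir as the string 'os.chdir'."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if not isinstance(node, ast.Name):
        return None
    parts.append(node.id)
    return ".".join(reversed(parts))


def _keyword_is_true(call, name):
    return any(kw.arg == name and isinstance(kw.value, ast.Constant) and kw.value.value is True
               for kw in call.keywords)


def triage_python(filename, source):
    """Return (file, line, category, detail) tuples for one Python source file."""
    findings = []
    for node in ast.walk(ast.parse(source, filename=filename)):
        if isinstance(node, ast.Import):
            modules = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            modules = [node.module or ""]
        else:
            modules = []
        for module in modules:
            root = module.split(".")[0]
            if root in NETWORK_MODULES:
                findings.append((filename, node.lineno, "network", f"imports {module}"))
            elif root == "subprocess":
                findings.append((filename, node.lineno, "subprocess", f"imports {module}"))
        if not isinstance(node, ast.Call):
            continue
        callee = _dotted_name(node.func) or ""
        if callee in ("os.chdir", "chdir") and node.args:
            target = node.args[0]
            # Only a string literal starting with '/' is reported as environment-specific;
            # a computed argument is left for manual review.
            if isinstance(target, ast.Constant) and isinstance(target.value, str) \
                    and target.value.startswith("/"):
                findings.append((filename, node.lineno, "hardcoded-path",
                                 f"{callee}({target.value!r})"))
        elif callee.startswith("subprocess."):
            detail = callee + (" shell=True" if _keyword_is_true(node, "shell") else "")
            findings.append((filename, node.lineno, "subprocess", detail))
    return findings


def triage_config(filename, text):
    """Flag credential-looking keys in a JSON config and whether they are populated."""
    findings = []

    def walk(value, path):
        if isinstance(value, dict):
            for key, child in value.items():
                walk(child, path + [key])
        elif isinstance(value, str) and path \
                and any(hint in path[-1].lower() for hint in CREDENTIAL_HINTS):
            state = "credential-populated" if value.strip() else "credential-empty"
            findings.append((filename, ".".join(path), state, path[-1]))

    walk(json.loads(text), [])
    return findings


def triage_package(files):
    """files maps a relative path to its text; Python and JSON files are examined."""
    findings = []
    for name, text in files.items():
        if name.endswith(".py"):
            findings.extend(triage_python(name, text))
        elif name.endswith(".json"):
            findings.extend(triage_config(name, text))
    return findings


# Constructed sample package; these are not the scanned skill's real files.
SAMPLE_PACKAGE = {
    "test_runner.py": "import os\nos.chdir('/home/example/.skills/dev')\n",
    "figure_extract.py": (
        "import subprocess\n"
        "def extract(pdf, out_dir):\n"
        "    subprocess.run(['pdfimages', '-png', pdf, out_dir], check=True)\n"
    ),
    "search.py": "import requests\n",
    "config.json": json.dumps({
        "openalex": {"email": ""},
        "semantic_scholar": {"api_key": "example-not-a-real-token"},
    }),
}

if __name__ == "__main__":
    for finding in triage_package(SAMPLE_PACKAGE):
        print(*finding, sep="\t")
```

A populated credential field in a config that ships inside the package is the case item 4 warns about; an empty field is expected for optional tokens. Point triage_package at a dict built from the unpacked skill directory to run it against a real download.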

Review Dimensions

Purpose & Capability
ok · Name/description (search, score, summarize, extract figures) align with the included modules: search.py, score.py, summarize.py, figure_extract.py and a PDF downloader. Optional API tokens are present in config.json for services the skill documents (OpenAlex, Semantic Scholar, CrossRef) and are not required by default.
Instruction Scope
note · SKILL.md instructs the agent to search, fetch metadata/PDFs, score, and extract figures, which is exactly what the code does. The code performs network calls to many external public APIs and downloads PDFs (via requests). Figure extraction calls the system binaries pdftotext and pdfimages via subprocess. A test file (test_runner.py) contains a hardcoded absolute chdir to '/home/bigclaw/.openclaw/…', which is environment-specific and could cause unintended filesystem access if executed; it is a development/test artifact and is not needed for normal use of the skill.
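The guidance suggests auditing network behavior during a sample run in an isolated environment. One way to do that from inside the Python process, as an added example that is not code from the scanned skill or from ClawHub, is to wrap socket.getaddrinfo, which both the standard library and requests/urllib3 call before opening a connection. Every host the skill tries to reach is logged; in enforce mode, hosts outside an allowlist are refused before any DNS lookup happens. ALLOWED_HOSTS is an assumption about the public APIs named in this report, and the publisher hosts that PDF downloads reach would have to be added to it, which is exactly what a log-only run reveals.

```python
"""Runtime egress audit for a sample run of a skill.

Added example, not code from the scanned skill or from ClawHub. It patches
socket.getaddrinfo so outbound name resolution is logged and, in enforce
mode, blocked for hosts outside an allowlist. ALLOWED_HOSTS is assumed.
"""
import socket
import threading

ALLOWED_HOSTS = {"api.openalex.org", "api.semanticscholar.org", "api.crossref.org"}


class EgressGuard:
    """Context manager that logs, and optionally blocks, outbound name resolution."""

    def __init__(self, allowed, enforce=False, allow_subdomains=True):
        self.allowed = {h.lower().rstrip(".") for h in allowed}
        self.enforce = enforce
        self.allow_subdomains = allow_subdomains
        self.log = []                      # (host, port, decision) in call order
        self._original = None
        self._lock = threading.Lock()

    def is_allowed(self, host):
        host = (host or "").lower().rstrip(".")
        if host in self.allowed:
            return True
        # Suffix match on a dot boundary, so evil-api.openalex.org.attacker.example
        # is not accepted as a subdomain of api.openalex.org.
        return self.allow_subdomains and any(host.endswith("." + a) for a in self.allowed)

    def _guarded_getaddrinfo(self, host, port, *args, **kwargs):
        name = host.decode() if isinstance(host, bytes) else (host or "")
        permitted = self.is_allowed(name)
        decision = "allow" if permitted else ("block" if self.enforce else "would-block")
        with self._lock:
            self.log.append((name, port, decision))
        if self.enforce and not permitted:
            # Raised before the original resolver runs, so no DNS query leaves the host.
            raise PermissionError(f"egress to {name}:{port} is not in the allowlist")
        return self._original(host, port, *args, **kwargs)

    def __enter__(self):
        self._original = socket.getaddrinfo
        socket.getaddrinfo = self._guarded_getaddrinfo
        return self

    def __exit__(self, exc_type, exc, tb):
        socket.getaddrinfo = self._original
        return False


def blocked_attempt(host, port=80):
    """Attempt a connection to host in enforce mode and return the guard's log."""
    guard = EgressGuard(ALLOWED_HOSTS, enforce=True)
    with guard:
        try:
            socket.create_connection((host, port), timeout=1)
        except PermissionError:
            pass
    return guard.log


if __name__ == "__main__":
    # Constructed hostname; the attempt is refused before any DNS traffic.
    print(blocked_attempt("not-allowed.example"))
```

For a first audit, run the skill's search and download steps inside `with EgressGuard(ALLOWED_HOSTS):` (log-only) and review guard.log afterwards; switch to enforce=True once the set of hosts is understood. The guard only sees connections made through this Python process, so a child process such as pdfimages is outside its view, which is one more reason to keep the whole run inside a VM or sandbox.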
Install Mechanism
ok · No install spec is provided (instruction-only install), so nothing is silently downloaded at install time. The package includes Python source and lists Python dependencies (requests, beautifulsoup4; PyPDF2, opencv and transformers are mentioned in SKILL.md), and figure extraction relies on external system utilities (Poppler's pdftotext/pdfimages) when they are available. That reliance should be documented to avoid surprises, but it is proportionate to the stated feature set.
Credentials
ok · The skill declares no required environment variables and no primary credential. config.json includes optional API token/email fields for OpenAlex, Semantic Scholar, and CrossRef (reasonable and documented). There are no requests for unrelated credentials or secrets in the files.
Persistence & Privilege
ok · The skill does not request persistent global privileges (always: false). It does not modify other skills or system-wide agent settings. It operates as a normal user-space tool that downloads content into local directories when asked.