Skill v0.1.1
ClawScan security
Paper Reader Deep · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 5:01 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code and instructions are consistent with a PDF deep-reading/report-generation tool: it extracts text from PDFs, optionally queries CrossRef for DOI metadata, and writes Markdown reports. It does not request credentials or contact unexpected endpoints.
- Guidance: This skill appears coherent and not malicious, but review these points before installing:
  1) It will read every *.pdf in the folder you point it at and create Markdown reports in that same folder. Do not run it on directories containing sensitive or private PDFs that you do not want processed, or stored as plaintext reports next to the originals.
  2) The script makes an optional network call to CrossRef (api.crossref.org) to resolve DOIs; this is expected for metadata lookup. If you need fully offline operation, remove or disable the DOI query.
  3) There are small inconsistencies: SKILL.md and README list PyYAML as a dependency though the script does not use it, and SKILL.md says it will save a record to MEMORY.md but the script does not implement that. If you rely on MEMORY.md logging, confirm or implement it.
  4) The actual "deep AI analysis" sections are left as placeholders in the generated reports and will be produced by the model when the agent is invoked. Review how your agent will perform that step and where those outputs will be stored or transmitted; since the model has to see the extracted text to fill the placeholders, the same question applies to the PDF contents themselves.
  5) If you have privacy concerns, inspect the script yourself (it is short and readable) or run it in a sandboxed environment.
  Overall: functionally consistent with its description, no unexpected credentials or hidden endpoints detected.
Review Dimensions
- Purpose & Capability (note): Name and description match the implementation: the script extracts PDF text, parses metadata, extracts key numbers, and writes structured Markdown reports. The declared dependency (pdfplumber) matches usage. Minor mismatches: SKILL.md and README list PyYAML as a dependency but the provided script does not import or use it; SKILL.md claims a step '保存到MEMORY.md' (save to MEMORY.md) but the code does not implement writing to MEMORY.md. These are documentation/implementation inconsistencies, not evidence of malicious intent.
- Instruction Scope (note): SKILL.md instructs the agent to perform deep understanding and to follow an analysis framework; the code provides extraction and templated report generation but leaves the AI analysis sections as placeholders ("[AI分析中…]", i.e. "AI analysis in progress") for the agent/model to fill. This is consistent, but it means the substantive 'deep understanding' is performed by the model at runtime, not by the script. The SKILL.md step of recording to MEMORY.md is not implemented in code (inconsistency). The instructions otherwise only reference local PDF paths and expected outputs in the same directory.
- Install Mechanism (ok): No install spec is included (instruction-only plus a local script), which is low risk. The script depends on pdfplumber (documented). There are no downloads from external or untrusted URLs in the repo.
- Credentials (ok): The skill requests no environment variables or credentials. The only network use is an optional CrossRef API query to resolve DOI titles (https://api.crossref.org), which is appropriate for a metadata lookup and requires no secret. No other services or secrets are requested.
- Persistence & Privilege (ok): The always flag is false and the skill does not request persistent or elevated privileges. It writes generated reports into the same directory as the PDFs (normal behavior). It does not modify other skills or system-wide agent settings.
