Skill v1.2.1
ClawScan security
Paper Compare · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 4, 2026, 6:53 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and behavior are coherent with its stated purpose of comparing academic papers and do not request unexplained credentials or installs.
- Guidance: This skill appears to be what it says: a paper-comparison helper that fetches metadata and (optionally) extracts text from PDFs. Before installing or invoking:
  1) Verify the agent has only the network/tool permissions you expect (web_fetch/web_search and the pdf extraction tool). PDF extraction tools sometimes upload files to third-party services—confirm where PDFs are processed if you will send unpublished or sensitive documents.
  2) If you plan heavy use, consider whether Semantic Scholar or other APIs require an API key or have rate limits; the SKILL.md references endpoints but does not declare keys.
  3) Note the skill will access external URLs you provide (arXiv/IEEE/PubMed/etc.), so avoid giving confidential URLs you don't want fetched.
  4) The skill depends on other agent tools (pdf skill, web_fetch); review those tools' behaviors/privileges because any risk from those tools affects this skill.
  Overall, nothing in this skill's instructions is disproportionate or unexplained, but runtime risk depends on the agent's tool permissions and how PDFs are processed.
Review Dimensions
- Purpose & Capability: ok. Name and description match the instructions: the SKILL.md describes fetching paper metadata (Crossref, Semantic Scholar), fetching PDFs, extracting text, and producing comparison tables and narratives. No unrelated capabilities or credentials are requested.
- Instruction Scope: note. Instructions stay within the stated purpose (retrieving paper metadata, extracting PDFs, analyzing 10 dimensions). They call out agent tools (web_fetch, web_search, pdf skill, memory_search, Semantic Scholar/Crossref APIs). These external tools/skills are expected for this task, but their permissions (especially any pdf extraction tool) determine risk in practice.
- Install Mechanism: ok. No install spec and no code files — instruction-only skill. Nothing will be written to disk by this skill itself.
- Credentials: ok. No environment variables, credentials, or config paths are requested. The skill references public APIs (Crossref, Semantic Scholar) and web fetching; no secret material is required by the skill as written.
- Persistence & Privilege: ok. always is false and the skill is user-invocable. It does not request permanent presence or modify other skills or agent-wide config.
