ClawHub
Back to skill
v1.0.0

Academic Translator

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:25 AM.

Analysis

This skill’s PDF/arXiv translation behavior is coherent and disclosed, with only routine cautions about local paper storage, web searches, helper dependencies, and optional sub-agent use.

GuidanceBefore installing, be comfortable with the skill downloading arXiv PDFs, extracting and temporarily storing paper text under `/tmp/academic_papers/`, and using web search for related context. For confidential or unpublished papers, disable or explicitly approve web searches and clear the temporary paper folder after use.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents
SeverityLowConfidenceHighStatusNote
SKILL.md
Use sub-agents (`sessions_spawn`) for full paper translation to avoid blocking the main session

The skill may spawn additional agent sessions for long translation tasks, which is disclosed and purpose-aligned but increases autonomous processing.

User impactFull-paper translation may run through an additional agent session rather than only the current chat, which can make activity less visible.
RecommendationUse sub-agents only for requested long translations and review the final output before relying on it.
Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceHighStatusNote
SKILL.md
source /home/kjp/.openclaw/workspace/.venv/bin/activate

The instructions reference a specific local virtual environment, while the registry says there is no install spec.

User impactThe skill may fail or depend on preinstalled local Python packages such as PyMuPDF and requests, but the included helper code is visible and purpose-aligned.
RecommendationVerify the Python environment and dependencies before use; prefer a documented, reproducible install step.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
Store paper context in `/tmp/academic_papers/` for multi-turn conversations: ... `current_text.txt` — extracted full text

The skill explicitly persists extracted paper text locally so it can answer follow-up questions without re-extracting.

User impactUploaded or local paper contents may remain available in a temporary local folder across turns and could be reused as the current paper context.
RecommendationAvoid using confidential manuscripts unless local temporary storage is acceptable, and clear `/tmp/academic_papers/` when finished if the content is sensitive.
Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
SKILL.md
Then use `web_search` for supplementary context ... Use `web_search` proactively for unfamiliar terms or cutting-edge topics

The skill discloses external web-search use that may involve paper titles, concepts, or other paper-derived queries.

User impactSearch queries derived from a paper could reveal its topic or terminology to a search provider, which matters for private or unpublished work.
RecommendationFor confidential papers, ask the agent to avoid web_search or to confirm search terms before using external web research.