paper-research-assistant
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill mostly matches its paper-analysis purpose, but its code generator can write files outside the requested output folder if a paper title is crafted maliciously.
Use this skill in a project or temporary directory and inspect generated paths before running scaffold_code.py, especially for untrusted PDFs or metadata. Review generated requirements before installing them, and delete generated metadata/report files if the paper content is confidential.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the scaffold script is run on malicious or malformed paper metadata, it could create or overwrite README.md, train.py, model.py, or similar scaffold files in an unexpected location.
The output path is constructed from metadata-derived title text and then written without rejecting '..', path separators, or absolute paths. A crafted title in the metadata could cause writes outside the intended output directory.
title = metadata.get('title', 'Model').replace(' ', '_').replace('-', '_'); files = {f'{title}/README.md': ...}; full_path = output_dir / filepath; with open(full_path, 'w', encoding='utf-8') as f:
Sanitize the title to a safe slug, reject absolute paths and '..', resolve each destination path, enforce that it remains under the selected output directory, and prompt before overwriting existing files.
A user may install unexpected or overly broad dependency versions in a generated reproduction environment.
The generated reproduction project encourages installing a requirements file with broad version ranges and an ambiguous yaml package name. This is purpose-aligned scaffolding, but users should review generated dependencies before installing them.
pip install -r requirements.txt ... f'{title}/requirements.txt': """torch>=2.0.0\ntorchvision>=0.15.0\nnumpy>=1.24.0\npandas>=2.0.0\ntqdm>=4.65.0\nyaml>=6.0\n"""
Review and pin generated dependencies before installation, and replace ambiguous package names with the intended provider package, such as PyYAML when appropriate.
Confidential paper text may remain in the generated metadata file after parsing.
The parser persists the first 5,000 characters of extracted PDF text into the output JSON file. This is aligned with paper analysis, but it can retain private paper content locally.
metadata['full_text_preview'] = full_text[:5000]; json.dump(metadata, f, ensure_ascii=False, indent=2)
Use a trusted output directory, avoid parsing confidential PDFs in shared locations, and remove or disable the full_text_preview field if it is not needed.
