Auto Research Pipeline

This skill is coherent for automating a research workflow, but proceed cautiously. Key things to check before installing or running: - Notifications: SKILL.md mentions pushing Feishu (飞书) messages but provides no Feishu token/config. Decide where notifications will go and supply credentials only if you trust that endpoint. - Generated-code execution: The pipeline asks the LLM to generate experiment code and then executes it. Ensure your execution environment actually enforces the promised sandbox (no network, restricted file writes, timeouts). If the platform cannot guarantee sandboxing, do not run the experiment-execution stages. - Network access: literature_search.py performs HTTP requests (arXiv, Semantic Scholar). Confirm you are comfortable with those outbound requests (rate limits, data leaving your environment). Semantic Scholar API keys are optional in code but not declared; if you supply a key, provide it securely and only if needed. - Data residency & secrets: artifacts are stored under ~/.openclaw/workspace/auto-research/. If you have sensitive files or tokens on the same filesystem, verify file permissions and isolation. - Unspecified tools: SKILL.md expects platform tools (memory_search, web_search/web_fetch, sessions_spawn). Understand what those tools send/receive and whether they transmit your prompts or files externally. If you decide to use it: run initial tests in an isolated environment (throwaway account or VM), disable network at the runtime layer if possible, and inspect any generated experiment.py before allowing execution.