Paper Assistant
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user should know the skill relies on local Python scripts even though the install metadata does not declare a Python requirement.
The package is presented as having no install spec while still including helper scripts. The scripts are provided and readable, so this is an under-declared runtime/setup expectation rather than hidden code.
No install spec — this is an instruction-only skill. Code file presence: scripts/fetch_papers.py; scripts/mark_pushed.py
Review the included scripts before use and ensure Python execution is acceptable in the environment.
Using the skill will contact external public APIs and reveal normal network metadata such as IP address and user-agent to those services.
The script makes outbound requests to fixed public OpenReview and arXiv endpoints, which is directly aligned with the paper-search purpose.
    OPENREVIEW_SEARCH = "https://api2.openreview.net/notes/search"
    ARXIV_API = "https://export.arxiv.org/api/query"
    ...
    urllib.request.urlopen(req, timeout=30)
Use it only in environments where outbound access to OpenReview and arXiv is acceptable.
A malicious or malformed paper abstract could try to influence the model's recommendation or output style.
The model is instructed to read externally fetched paper titles and abstracts. Those fields are public retrieved content, so they should be treated as data rather than instructions.
Please select one paper from the following JSON list of papers... For each candidate paper, read the title and abstract, then make a judgment.
When operating the skill, treat titles and abstracts as untrusted content and ignore any instructions embedded inside paper metadata.
If the pushed list is incorrect or tampered with, the skill may skip or repeat recommendations.
The skill stores a persistent local list of pushed paper IDs that changes future deduplication behavior.
    PUSHED_FILE = os.path.join(DATA_DIR, "pushed.json")
    ...
    data["pushed"].append(paper_id)
    ...
    json.dump(data, f, ensure_ascii=False, indent=2)
Keep `data/pushed.json` reviewable and reset or edit it if the recommendation history becomes inaccurate.
If configured without review, an incorrect recommendation or problematic retrieved content could be propagated into downstream summaries and group messages.
The skill explicitly describes being the first step in an automated pipeline that may later send results to a group chat.
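When the scheduled task fires, calling these three skills in sequence completes the whole workflow... so-send-message: pushes the close-reading results to the group chat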
Add a human approval step before scheduled or automated group-chat posting.
