ClawHub
Back to skill
v1.0.0

论文作者档案生成器

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:30 AM.

Analysis

This instruction-only skill is coherent, but it will aggregate public author profiles and create an online document, so users should review the content and sharing settings.

GuidanceThis appears safe to use for its stated purpose if you are comfortable with public web lookups, subagent batching for large author lists, and creation of an online Redoc document. Review the generated author data for accuracy and avoid publishing private contact details or unverified sensitive claims.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
Step 3:生成双 Sheet Redoc 文档

用 hi-redoc-curd skill 推送。

The workflow explicitly uses another skill to push an online Redoc document. This is aligned with the stated purpose, but it is still an external write/publish action.

User impactThe agent may create or update an online document containing author profile information.
RecommendationConfirm the generated table content and Redoc visibility/sharing settings before publishing or sharing the document.
Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceMediumStatusNote
SKILL.md
见 references/batch-task-template.md。... 见 references/output-template.md。

The skill references template files for batching and output formatting, but the supplied artifact set contains only SKILL.md, so those referenced templates are not visible in this review.

User impactThe exact referenced batching and output templates are not shown here, which leaves some implementation detail to the surrounding environment or another source.
RecommendationIf those reference templates are available at install or runtime, review them before relying on the workflow for large batches or document publishing.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
SKILL.md
超过 30 人时用 sessions_spawn 分批(每批 30-40 人,最多 5 个子代理)。

The skill instructs the agent to split large author lists across up to five subagents. This is purpose-aligned for parallel research, but it increases the number of agent contexts handling the collected profile data.

User impactAuthor names and collected public profile details may be distributed across multiple subagent sessions during processing.
RecommendationUse this only when comfortable with subagent batching, and avoid adding private or sensitive information beyond the public author-profile fields requested.