Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Paper Engineering Assistant
v1.0.1
An automated thesis-writing and literature-management assistant built on a three-layer "framework layer / summary layer / body layer" architecture. All files are organized strictly under the user-specified directory (`workspace/毕业论文`).
by 陈宽同学 (@mrchenkuan)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
The SKILL.md describes a full-featured pipeline (PDF download/parse, literature search, automated summarization, full bidirectional synchronization). The shipped agent.py only implements directory creation, a simple project-structure reporter, and a placeholder summary-update routine; it does not perform network calls, PDF parsing, summarization, or file-watching. The top-level description (Chinese: organize under workspace/毕业论文) also conflicts with the SKILL.md/agent.py default of './PaperProject/'. The claimed capability does not match the code's actual footprint.
Instruction Scope
Runtime instructions request filesystem read/write across a project tree and network access for literature search and downloads; they also state that body files may be overwritten and that synchronization must run after each modification. The code, however, provides no implementation for downloads, parsing, or an automatic synchronization/watch mechanism, so the instructions grant broad behaviors that are not constrained or implemented. Overwrite behavior is explicit in the docs and could be destructive if run in a real project directory.
Install Mechanism
No install spec is provided and no external packages are fetched; risk from install mechanism is low. The skill is instruction-plus-a-small-agent script; nothing is downloaded or extracted during install.
Credentials
The skill declares network access and filesystem read/write in its runtime instructions but requires no environment variables or credentials. That is plausible for generic literature searches, but the SKILL.md does not declare which external services/endpoints will be contacted or whether credentials (institutional access, library proxies) are needed. The lack of declared secrets is not an immediate red flag, but network access plus unspecified endpoints increases ambiguity.
Persistence & Privilege
The skill is not marked 'always: true' and does not request special system-wide privileges. It exposes async functions (initialize_project, sync_on_body_change) that a gateway could call, but that is consistent with normal skill operation. Autonomous invocation is allowed by default (platform default); weigh that together with the declared network/filesystem access when deciding whether to restrict the skill.
What to consider before installing
This skill's documentation promises substantial automation (download PDFs, parse text, summarize, and automatic bidirectional sync), but the provided code is a small, mostly placeholder script that only creates directories, lists project structure, and contains a stub for updating summaries. Before installing or using it:

1) Back up any real thesis/work directories: the skill explicitly overwrites body files.
2) Ask the author for the missing implementations: what libraries/tools will be used for PDF parsing, what network endpoints will be contacted, and how synchronization is triggered (file watcher, webhooks, or manual).
3) If you need network access disabled, run the skill in an isolated/test folder or restrict its network privileges.
4) Prefer to run the included agent.py in a sandbox to confirm behavior and to obtain a complete implementation (download/parsing/sync code) before giving it access to important files.

If the author cannot justify where downloads will come from or cannot provide the actual parsing/sync code, treat the skill as incomplete and avoid using it on important data.
