ClawHub

ArXiv Research

v1.0.0

Search and download research papers from arXiv.org - Research skill for OpenClaw agents

0· 1.1k·10 current·12 all-time
byIvan Cetta@nantes
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (search and download papers from arXiv) match the included Python code and SKILL.md. Required binary is only python and the metadata/prompted pip dependency is the arxiv library — all appropriate for this purpose. Minor bookkeeping inconsistencies exist: duplicate copies of the same Python file under different paths and mismatched version fields (registry lists 1.0.0 while _meta.json shows 1.0.4), but these are not security-critical.
Instruction Scope
SKILL.md instructions only cover installing the 'arxiv' Python package and running the provided script or using the Python API. The runtime instructions do not read unrelated files or environment variables nor send data to unexpected endpoints. Note: one SKILL.md variant references PowerShell wrapper names (arxiv.ps1, Windows-style examples) that are not included — this is an inconsistency in documentation but not a malicious behavior.
Install Mechanism
There is no automated install spec; the skill is instruction-only and asks the user to pip install the public 'arxiv' package. No downloads from arbitrary URLs or archive extraction are present.
Credentials
The skill requires no environment variables, credentials, or config paths. It writes downloaded PDFs to a Downloads/arxiv directory under the user's home — a reasonable, proportional filesystem access for a download tool.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent platform privileges. It does not modify other skills or system-wide agent settings.
Assessment
This skill appears to do what it says: search arXiv and download PDFs. Before installing, consider: 1) the skill requires you to pip install the third-party 'arxiv' package — confirm you trust that package and its source (PyPI). 2) The script will create and write PDFs to ~/Downloads/arxiv; ensure you are comfortable with that write location. 3) Documentation inconsistencies exist (duplicate files, differing version numbers, and a SKILL.md that references a missing PowerShell wrapper); these are likely packaging/documentation issues, not malicious signs, but you may want to get a clean single-file package or inspect the repository yourself. 4) If you run this in a sensitive environment, restrict network access or review the 'arxiv' package source to be extra cautious.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dvpyc6tfpss6vvg4brexdn981t2tp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📚 Clawdis
Binspython

Comments