Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ANNE Library Downloader
v1.0.0
Automate downloading and DOI extraction for academic books and articles from multiple library databases with institutional login support.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill claims full automation for institutional authentication, DOI extraction, and platform-specific downloads, but the repository only contains a single download.py that largely prints suggestions and placeholders. SKILL.md also references additional modules (auth.py, doi_extractor.py, references/config.json) that are not present. claw.json lists dependencies for both Python and Playwright, indicating a mix of runtimes; this breadth is disproportionate to the actual implemented functionality.
Instruction Scope
SKILL.md instructs installing Python Playwright and running playwright install chromium, and shows environment variables for library credentials (ANNE_LIBRARY_USER/PASS). The actual script does not read those environment variables or implement authentication (it contains comments 'Would need credentials' and 'placeholder'). The code writes a temporary Node.js script and executes it via subprocess, which is not mentioned in SKILL.md. Instructions grant broad discretion (auto-authentication) while the code does not implement it.
Install Mechanism
There is no formal install spec in the registry (instruction-only), but SKILL.md recommends pip installing Playwright while claw.json lists dependencies without an install step. The code spawns and runs a Node.js script (requiring node + Node Playwright), but SKILL.md uses Python Playwright instructions—this mismatch between Python and Node runtime/dependency installation is a red flag and could cause users to install the wrong runtime or run code unexpectedly.
Credentials
SKILL.md instructs users to set ANNE_LIBRARY_URL, ANNE_LIBRARY_USER, and ANNE_LIBRARY_PASS, but the skill's manifest declares no required env vars and the shipped code does not consume these variables. Requesting institutional credentials is reasonable for a downloader, but here it's not wired into the code and therefore unjustified; providing credentials to an unclear/partially-implemented skill risks credential exposure.
Persistence & Privilege
The skill is not forced (always: false) and does not request persistent presence or modify other skills. It is user-invokable and does not declare autonomous always-on privileges, which is appropriate.
What to consider before installing
This package is internally inconsistent: the README claims auto-authentication and references modules that are not present, it asks you to set library credentials but the code does not use them, and it mixes Python Playwright instructions with a Node.js runtime executed via subprocess. Do not provide real institutional credentials to this skill. Ask the author (or the registry) for: (1) the missing files (auth.py, doi_extractor.py, config.json), (2) a clear install script that matches the actual runtime (either Python-only or Node-only), and (3) explicit code that shows where and how credentials are read, stored, and transmitted. If you must test it, run it in an isolated environment (sandbox or VM), use throwaway/rotated credentials, and verify network traffic. If the author cannot justify and fix these mismatches, avoid installing or running this skill with sensitive credentials.
Like a lobster shell, security has layers — review code before you run it.
