Skill v1.0.0
ClawScan security
Research Paper Quality Filter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 28, 2026, 1:33 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly matches a paper-filtering tool, but there are several internal inconsistencies (music-specific criteria despite a generic description, examples referencing a non-existent CLI, and differing owner metadata) and it instructs storing full papers locally — review before installing.
- Guidance: This skill is not obviously malicious, but I recommend caution before installing or running it: 1) Confirm scope — the criteria and examples are strongly music-generation–focused despite a generic description; if you expect a general-purpose filter, ask the author for clarification. 2) Expect local data retention — the skill requires writing audit logs and preserving full filtered papers under research/{domain}/…; ensure you are comfortable storing possibly copyrighted or sensitive papers and that the storage location is acceptable. 3) There is no provided binary or script despite example CLI commands; decide whether you or your agent will implement the functionality or whether the package should include executable code. 4) Metadata mismatch: the registry ownerId differs from the _meta.json ownerId/slug — ask the publisher to confirm provenance. 5) If you still want to try it, run it in a restricted/sandbox environment first, inspect any logs created, and limit access to sensitive data. Additional information that would raise or lower concern: presence of network endpoints, included scripts or downloads, or requests for credentials would raise the risk; a provided, signed implementation and consistent metadata would lower it.
Review Dimensions
- Purpose & Capability (concern): The top-level description claims a general 'academic paper quality filter', but the scoring criteria and examples are narrowly focused on 'music/song/audio generation'. The SKILL.md shows example CLI usage (quality_filter ...) even though this is an instruction-only package with no binaries or scripts provided. These mismatches suggest the skill may be tailored to a narrow domain or is incomplete.
- Instruction Scope (note): Instructions stay within filtering and logging: ingest papers (arXiv), score them, and append results to a local audit log. However, the skill explicitly requires preserving filtered papers (i.e., storing full paper content) and writing append-mode logs under research/{domain}/quality_filtering/..., which can retain potentially sensitive or copyrighted documents. SKILL.md does not instruct reading unrelated system files or env vars.
- Install Mechanism (ok): This is an instruction-only skill with no install spec or code files, so nothing will be downloaded or written by an installer. That reduces supply-chain risk, but also means the instructions expect the agent or user to implement the CLI behavior themselves.
- Credentials (ok): No environment variables, credentials, or external endpoints are requested. The only resource access implied is local filesystem write access to create the research/{domain}/... directory tree, which is proportionate to the stated audit/logging purpose.
- Persistence & Privilege (ok): The skill does not request persistent platform privileges (always:false). Its main persistent behavior is writing append-mode logs and preserving filtered papers in a local directory, which is consistent with the audit-trail claim but should be considered by the user for privacy/storage policy reasons.
