Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

papersgpt-for-zotero

v1.0.1

A privacy-first, local-first search assistant and MCP server for your Zotero library, enabling AI agents to search and analyze your research papers securely.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
The name and description (local, privacy-first Zotero search/indexing) match the SKILL.md instructions: initialize by pointing at the Zotero storage, run pz search, and stop the background service. No unrelated credentials or binaries are requested.
Instruction Scope
Instructions focus on indexing local Zotero storage and running pz CLI commands (pz init, pz search, pz stop). However, the doc refers to running a background indexing/service (an 'MCP server') without describing whether it opens network ports, what it exposes, or what data (if any) it transmits externally. That omission is notable because a background server could expose local data unexpectedly.
Install Mechanism
There is no platform install spec; SKILL.md instructs the user to run npm install papersgpt-for-zotero. Installing an npm package is a reasonable route for a CLI tool, but npm packages can execute arbitrary code (postinstall scripts, background processes). The skill references a GitHub repo URL which is a known host, but the registry metadata lists the source as unknown and has no homepage in the registry — you should verify the package source and contents before running it.
Credentials
The skill requests no environment variables, credentials, or config paths beyond the Zotero storage directory (which the user supplies). There are no unexplained secret or cloud credential requests.
Persistence & Privilege
The skill does not request 'always: true' or autonomous platform privileges. It does instruct the user to start a background indexing service (pz init) that persists outside the agent's process — this is reasonable for a local search server but may create long-lived processes and potential network exposure; the SKILL.md does not describe how that persistence is managed or secured.
Assessment
This skill appears to do what it says (index and search your local Zotero storage), but it is instruction-only and tells you to install an external npm package and run a background service. Before installing or running it:
1) inspect the npm package and its GitHub repo (check the maintainer, recent commits, issues, and package.json scripts) to ensure there are no unexpected postinstall or remote-exfiltration behaviors;
2) run it in a contained environment (VM or container) first if you are unsure;
3) verify what network ports the background service opens and avoid exposing it to the public internet;
4) back up sensitive Zotero data before indexing; and
5) prefer installing packages from a verified source or official project page rather than unknown registry metadata.
If you can provide the npm package name/version or the GitHub repo content, I can re-evaluate with higher confidence.
