paper claw
Advisory. Audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the main paper-fetching action may execute code that was not included in this review, potentially using your email or LLM credentials.
The helper executes a Python script located under a parent-derived path, but scripts/main.py is not included in the provided manifest. Invoking the fetch function could therefore run unreviewed or unintended code outside the supplied artifact.
SKILL_ROOT = Path(__file__).resolve().parents[1]
cmd = ["python", str(SKILL_ROOT / "scripts" / "main.py")]
result = subprocess.run(cmd, capture_output=True, text=True, cwd=SKILL_ROOT)
Only run this after confirming the exact scripts/main.py source is included, reviewed, and located inside the intended skill directory.
The visible package may not be enough to know what code will actually run or what the scheduled job would do.
The documentation references runtime scripts, workflow files, and config files that are not present in the supplied file manifest, and there is no install spec explaining how those files are obtained.
python scripts/main.py
Already configured in `.github/workflows/daily_digest.yml`
See `config/arxiv_categories.json`
Require a complete packaged artifact or a pinned, reviewable install source before installing or scheduling the skill.
Applying presets or configuring recipients could modify files outside the expected skill folder.
In the provided top-level layout, the code derives its working root from the parent of the skill file and writes configuration there. This is broader than a clearly scoped write under the supplied skill directory.
SKILL_ROOT = Path(__file__).resolve().parents[1]
config_path = SKILL_ROOT / "config" / "recipients.json"
config_path.write_text(json.dumps(config, indent=2, ensure_ascii=False), encoding="utf-8")
Change file writes to a clearly contained skill-owned directory and show the user the target path before modifying configuration.
The skill can send email through the configured SMTP account and may call external AI providers if keys are supplied.
The skill needs SMTP credentials for email delivery and optionally LLM provider keys for summaries. This is purpose-aligned and disclosed, with no direct evidence of credential leakage in the supplied files.
"requires": {"bins": ["python3"], "env": ["SMTP_HOST", "SMTP_PORT", "SMTP_USER", "SMTP_PASS"], "optional_env": ["MOONSHOT_API_KEY", "OPENAI_API_KEY", "ANTHROPIC_API_KEY", "GOOGLE_API_KEY", "DEEPSEEK_API_KEY"]}
Use dedicated, least-privilege credentials where possible and review the complete runtime code before providing real keys.
If scheduled, the skill may repeatedly fetch papers and send digests without a fresh manual prompt each day.
The skill documents persistent deduplication state and optional scheduled daily execution. This is disclosed and aligned with a daily digest, but users should recognize that enabling it creates recurring autonomous activity.
🔄 **State Persistence** — Auto-deduplication
### Schedule Daily Runs
0 1 * * * cd /path/to/paper_claw && python scripts/main.py
Enable scheduling only after reviewing the full runtime and confirming recipients, credentials, and output paths.
