Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Arxiv Paper Processor
v0.1.1Tool for manual per-paper ArXiv paper processing: batch/source/pdf download then model-driven full-text reading and summary.md writing in chosen language.
⭐ 1· 1.7k·12 current·12 all-time
by@xukp20
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the included artifacts: three downloader scripts and a batch orchestrator. The files and SKILL.md describe downloading arXiv source/PDF, local throttling, extraction, and asking the model to manually produce summary.md. There are no unrelated environment variables, binaries, or config paths requested.
Instruction Scope
SKILL.md instructs the agent to only use the scripts for artifact download and to perform model-driven reading and manual summary writing. The instructions reference only per-paper directories, metadata files, extracted source, and PDFs. They explicitly forbid using scripts or regex-based extraction to auto-generate summaries. Note: parts of the code in the prompt were truncated, so I could not fully confirm every URL construction; verify that network requests target arXiv endpoints only.
Install Mechanism
There is no install spec (instruction-only skill with bundled scripts). This is lowest-risk from an install perspective: the skill will not download remote install artifacts on install time. The included Python scripts are run by the user/agent at runtime.
Credentials
The skill declares no required environment variables, credentials, or config paths. The scripts perform HTTP requests and write local files under per-paper directories; this is proportionate to the stated purpose.
Persistence & Privilege
Flags show always: false and normal autonomous invocation allowed. The skill does not request permanent system-wide presence or modify other skills. Its runtime behavior is limited to writing artifacts and logs in the provided run/paper directories.
Scan Findings in Context
[subprocess_run] expected: scripts/download_papers_batch.py uses subprocess.run to call the per-paper Python scripts. This is expected for a batch orchestrator that invokes the downloader scripts.
[tarfile_extract] expected: download_arxiv_source.py handles tar extraction and includes a path traversal safety check (extract_tar_safely). Use of tarfile is expected for extracting arXiv source bundles; the code includes a mitigation for unsafe paths.
Assessment
This skill appears internally consistent: it downloads arXiv source/pdf artifacts and asks the model to manually read those artifacts and write summary.md files. Before installing/using it, do the following checks: 1) Open the full scripts (the prompt contained truncated files) and confirm that all network requests are aimed at legitimate arXiv endpoints (e.g., arxiv.org) and not to unknown third-party URLs. 2) Run the scripts in an isolated workspace (or container) so downloads and extracted files are restricted to intended run directories. 3) The scripts write logs and extracted files under the run/paper directories — ensure those directories are the ones you expect. 4) No credentials are required, so never add secrets to make it 'work'. 5) If you will allow the agent to invoke this skill autonomously, be aware it can perform network downloads and write files; if you need stricter controls, keep autonomous invocation disabled or sandbox its execution. If you want higher confidence, provide the untruncated full source so URL-building and any remaining code paths can be fully audited.Like a lobster shell, security has layers — review code before you run it.
latestvk970jhcqqwnfaqdmzv1f8rzded8155db
License
MIT-0
Free to use, modify, and redistribute. No attribution required.