ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

oldglycine-paper-reference-adder

v1.1.0

自动为研究论文添加相关学术引用。支持Overleaf项目目录,从TeX文件提取关键词,在Google Scholar搜索相关论文,将BibTeX条目添加到项目的bib文件,并在关键部分插入引用标记。

0· 94·0 current·0 all-time
by@oldglycine

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for oldglycine/oldglycine-paper-reference-adder.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "oldglycine-paper-reference-adder" (oldglycine/oldglycine-paper-reference-adder) from ClawHub.
Skill page: https://clawhub.ai/oldglycine/oldglycine-paper-reference-adder
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install oldglycine-paper-reference-adder

ClawHub CLI

Package manager switcher

npx clawhub@latest install oldglycine-paper-reference-adder
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The SKILL.md and reference docs promise Google Scholar searches, BibTeX generation, and use of libraries like scholarly and bibtexparser. The included main.py does not perform any network calls, does not use scholarly/bibtexparser, and instead simply finds unused keys already present in custom.bib and inserts citation sentences referencing those existing keys. Requiring network access or scholar credentials would be expected for the stated purpose, but no such requirements or code exist — this is an internal inconsistency.
!
Instruction Scope
The skill is intended to read TEX files, search for papers, add BibTeX entries, and insert citations. The actual runtime behavior (main.py) reads .tex files and custom.bib, then writes new sentences into specific TeX files and writes an ADD.MD report. SKILL.md mentions a backup step, but main.py does not create a backup. The script writes directly to project files (section/02_introduction.tex and section/03_related_work.tex or appends) which can alter user documents unexpectedly if anchors/paths differ — there is no robust safety check or automatic backup in the code.
Install Mechanism
There is no install spec; this is an instruction-only skill with a single Python script. Nothing is downloaded or installed automatically by the skill bundle, which reduces supply-chain risk. The reference docs mention installing scholarly/bibtexparser/pdflatex, but the package bundle itself does not perform installs.
Credentials
The skill requests no environment variables or credentials and the code does not access secrets or external credentials. That absence is proportionate with the actual code (which performs only local file reads/writes). Note the SKILL.md declares dependencies that would ordinarily require network access, but those are not used by the included main.py.
!
Persistence & Privilege
The skill is user-invocable and may be invoked autonomously by the agent (platform default). While it does not request elevated platform privileges or permanent installation, it does modify user project files in-place without performing the backup step described in documentation. Combining autonomous invocation with in-place file edits increases the potential for undesired changes if misapplied.
What to consider before installing
Do not install or run this skill on your primary project without reviewing and testing locally first. Specific recommendations: - Inspect main.py line-by-line yourself (or with a developer) before running. The script will edit TeX files and write a report and does not create a backup despite documentation saying it will. - Run the script on a copy/clone of your Overleaf project (or an isolated test folder) to observe changes. - If you expect the skill to fetch new BibTeX entries from Google Scholar, ask the author for the actual implementation or a corrected release; the shipped script does not perform network searches and only reuses keys already present in custom.bib. - If you want automatic fetching, require explicit network dependency and credentials and be aware that adds network risk; prefer manual review of any new BibTeX entries before appending. - Consider rejecting the skill or requesting the maintainer to fix these inconsistencies (implement backup, either actually use scholarly with clear consent and documented dependencies or update SKILL.md to reflect the true behavior).

Like a lobster shell, security has layers — review code before you run it.

latestvk9727zfgwhnagdk5gxrjatfek1854dsy
94downloads
0stars
1versions
Updated 1w ago
v1.1.0
MIT-0
@oldglycine
latest
Download

oldglycine-paper-reference-adder

使用场景

  • 当研究论文需要在特定部分(引言、相关工作、方法)添加额外引用时
  • 当你想根据论文内容查找相关引用文献时
  • 当你需要确保不添加重复引用时

工作原理

  1. 备份: 创建项目目录的备份以防止数据丢失
  2. 内容分析: 读取TeX文件并提取关键词和现有引用
  3. 引用搜索: 使用Google Scholar(通过scholarly库)查找相关论文
  4. BibTeX生成: 为新引用生成BibTeX条目
  5. 集成: 将新引用添加到bib文件并在文章中插入引用标记
  6. 报告: 生成包含所有添加引用及其位置的ADD.MD文件

参考资料

  • 代码参考 ref
    • 代码并不是即插即用,你必须根据用户的论文结构以及文章内容调整代码。
  • 如何备份 ref
  • 如何添加引用 ref

参数

  • project_dir: Overleaf项目目录路径
  • num_references: 要查找的引用数量(默认:10)
  • output_report: ADD.MD报告的路径(默认:./ADD.MD)

依赖项

  • scholarly(用于Google Scholar搜索)
  • bibtexparser(用于BibTeX处理)
  • pdflatex(可选,用于编译论文)

注意事项

  • 处理现有引用以避免重复
  • 重点在关键部分(引言、相关工作、方法)插入引用
  • 生成所有添加引用的详细报告
  • 兼容Overleaf项目结构
  • 使用scholarly库作为Google Scholar API的替代方案

Comments

Loading comments...