ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Literature Reviewer Skill

v3.1.0

根据用户提供的论文主题,进行系统性中英文文献回顾(Literature Survey)。 采用8阶段工作流,支持CNKI、Web of Science、ScienceDirect等主流数据库, 无需API配置,通过浏览器自动化获取文献信息。 输出包含GB/T 7714-2015引文、标题、摘要的Markdown文...

0· 308·2 current·2 all-time
by@stephenlzc·duplicate of @stephenlzc/literature-reviewer-skill
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (systematic literature review via browser automation) matches the declared dependency on a 'browser' skill and the SKILL.md instructions to navigate/search CNKI, WOS, ScienceDirect, PubMed and Google Scholar. Required networks/domains and the workflow phases align with the stated purpose.
Instruction Scope
Instructions direct the agent to perform browser navigation, fill forms, evaluate page DOM, extract metadata, save session files, and download assets (PDF management / Unpaywall mention). It explicitly instructs pausing for CAPTCHA and to prompt the user. The scope stays within literature retrieval/analysis but includes persistent file writes (sessions/output) and PDF downloads; these are expected but increase the data surface.
Install Mechanism
No high-risk install (instruction-only primary with repository references). install.yaml/mcp.json point to a GitHub repo and recommend git_clone or Docker. docker-compose is provided; nothing indicates downloads from untrusted shorteners or remote arbitrary binaries.
!
Credentials
The skill requests no explicit env vars, but multiple files (README/security/mcp/install) and docker-compose/mcp.json warn it will access browser cookies/login state and persist Playwright/browser-data. Mounting browser-data or using a 'browser' skill that reuses host browser sessions can expose credentials, authenticated sessions, and paywalled content — a material privacy/credential risk relative to the stated task. The allowed network domains are narrowly declared, which is good, but the implicit access to browser state is a notable privilege.
Persistence & Privilege
always:false and no special platform privileges. The docker-compose creates persistent browser-data volume and writable sessions/output directories; this is expected for session resume but increases persistence of scraped data and any credentials stored in browser profiles. The SKILL recommends Docker/sandboxing which mitigates but does not eliminate risk if run unsandboxed.
Assessment
This skill is internally consistent for automated literature searching and synthesis, but it intentionally uses browser automation and may reuse browser cookies/login state and persistent Playwright data. Before installing or running it: (1) Prefer running inside the provided Docker container or another isolated sandbox to avoid exposing your host browser profile and credentials. (2) Inspect the scripts (scripts/*.py) and the SKILL.md to confirm there are no unexpected external endpoints; verify network domains are limited to the declared academic sites. (3) Avoid mounting host browser profiles or sharing real authentication cookies into the skill; remove or restrict the browser-data volume if you want stronger isolation. (4) Be aware scrapers can violate database terms of service and may trigger CAPTCHAs — review institutional access/legal constraints. (5) If you need paywalled content, prefer using institutionally-approved APIs or a dedicated account created for this tool rather than exposing your primary browser session. If you want, I can list the exact lines in the code that read/write session files, perform downloads, or reference browser-data so you can review them before running.
!
mcp.json:135
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bgf9ep9qa244z0gg0rvgpvd82k0rd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments