Literature Reviewer Skill
Security checks across malware telemetry and agentic risk
Overview
The skill is purpose-aligned for literature reviews, but users should notice its browser automation, possible logged-in database use, local session files, and unpinned GitHub install guidance.
This skill appears suitable for literature-review tasks. Before installing or using it, prefer the reviewed package over an unpinned GitHub clone, supervise browser automation on academic sites, avoid unapproved bulk downloads, and remember that session folders may retain your research topic and collected paper metadata.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may open academic databases, fill search forms, and scrape result metadata automatically.
The skill directs the agent to automate browser actions on academic database sites. This is central to the stated purpose, but it can generate web traffic and interact with third-party sites on the user's behalf.
使用 `browser_navigate` 和 `browser_fill_form` 等工具访问数据库网页,提取文献信息。
Review requested searches and stop the workflow if a site asks for captcha, payment, login, or actions beyond metadata retrieval.
If used for downloads, the skill could consume institutional or paid database access through the browser session.
The reference guide discusses bulk PDF downloading that may depend on a logged-in account or paid access. This is related to literature review, but users should explicitly approve any account-backed downloads.
CNKI 对批量下载有限制 - 需要登录账号 - 部分文献需要购买权限
Only allow downloads you intend, confirm licensing or payment implications, and prefer metadata-only searches unless full text is explicitly needed.
Installing from the live repository could fetch code or instructions different from the reviewed package.
The README recommends installing from an external GitHub repository without pinning a commit or release. This is common but leaves the installed content dependent on the repository state at install time.
git clone https://github.com/stephenlzc/AI-Powered-Literature-Review-Skills.git literature-reviewer-skill
Install from the reviewed registry package or pin and inspect a specific Git commit before cloning into a skills directory.
Your research topic and collected literature metadata may be saved locally between sessions.
The skill persists search results, abstracts, analysis, and final outputs in session files. This is expected for resumable literature review, but it means retrieved web content and user topics remain available for later reuse.
sessions/{YYYYMMDD}_{topic_short}/ ... papers_raw.json ... papers_analysis.json ... literature_review.mdUse a project-specific workspace, review generated files before reuse, and delete session folders if the topic or notes are sensitive.