Deepaistudy Errors

Security checks across malware telemetry and agentic risk

Overview

The skill’s behavior matches its study-error-book purpose, but it uses a shared local username/password config, uploads user-selected images to a remote service, and can modify or delete study records.

This looks purpose-aligned for managing an AI-assisted wrong-answer notebook. Before installing, be comfortable storing DeepAIStudy credentials in the shared local config, uploading homework images to the configured server, and letting the CLI modify or delete study records when you explicitly request those actions.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI03: Identity and Privilege Abuse
Low
What this means

Your DeepAIStudy account credentials are stored locally and sent to the configured server for login.

Why it was flagged

The skill reads or writes a shared local config and uses the stored username/password to log in to the configured service.

Skill content
CONFIG_DIR = Path.home() / ".config" / "deepaistudy-prep" ... requests.post(f"{self.server}/api/mobile/login", json={"username": self.username, "password": self.password}, timeout=30)
Recommendation

Use this only with the intended DeepAIStudy server, protect the local config file, and avoid sharing the machine or config with untrusted users.

ASI07: Insecure Inter-Agent Communication
Low
What this means

Photos of homework or exam mistakes may contain personal or educational information and will be sent to the remote service for processing.

Why it was flagged

The skill uploads user-selected image files and related metadata to the configured remote API for AI analysis, which is central to the skill’s purpose.

Skill content
requests.post(f"{self.server}/api/mobile/breakthrough/ingest-analyze", headers={"Authorization": f"Bearer {self.token}"}, data=data, files=files, timeout=60)
Recommendation

Upload only images you are comfortable sharing with the configured service, and remove unrelated personal information from photos where possible.

ASI02: Tool Misuse and Exploitation
Low
What this means

Running the wrong command or using the wrong record ID could alter or remove study records.

Why it was flagged

The documented CLI can change mastery status or delete wrong-answer records by ID; these are expected account-management actions for this skill.

Skill content
deepaistudy-errors master 123 ... deepaistudy-errors unmaster 123 ... deepaistudy-errors delete 123
Recommendation

Confirm record IDs before marking or deleting items, and avoid asking the agent to delete records unless that is your explicit intent.

ASI04: Agentic Supply Chain Vulnerabilities
Info
What this means

Installation may resolve whatever compatible requests version is available in the environment.

Why it was flagged

The package depends on requests without a pinned version; the registry also lists the source as unknown, which is a minor provenance and dependency-management consideration.

Skill content
install_requires=["requests"]
Recommendation

Install in a controlled Python environment and rely on trusted package indexes or pinned dependency management if reproducibility matters.