swiftscholar-skill
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill is coherent with its stated SwiftScholar API purpose, but users should notice that it can use an API key, upload paper PDFs/URLs to SwiftScholar, and modify favorites.
This skill appears safe to install if you intend to use SwiftScholar, but treat it as an external account integration: keep the API key secret, confirm before uploading PDFs or forcing re-parses, and avoid sending confidential papers unless SwiftScholar's data handling terms are acceptable.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used casually, the agent could consume SwiftScholar quota, submit documents for parsing, or change saved favorites when the user intended only to search or read.
The skill documents API actions that can upload papers and change account favorites. These actions are aligned with the stated purpose, but they are externally visible account operations.
submit paper URLs / PDFs for parsing ... manage / inspect favorites and favorite folders
Use clear instructions for submissions, force re-parsing, and favorites changes; ask the agent to confirm before uploading documents or changing saved account data.
The agent can act through the configured SwiftScholar API key for supported operations such as searching, submitting papers, inspecting usage, and managing favorites.
The skill uses an account-bound bearer token to access SwiftScholar endpoints. This is expected for the integration, but it gives the agent delegated access to the user's SwiftScholar account.
Header: `Authorization: Bearer <SWIFTSCHOLAR_API_KEY>`
Store the API key only in the intended execution environment, avoid pasting it into chat, and use the least-privileged or revocable key available.
PDFs, URLs, and related notes submitted through the skill may leave the local environment and be processed or stored by SwiftScholar.
The skill sends paper URLs or PDF content to the external SwiftScholar service. This data flow is disclosed and purpose-aligned, but paper files may contain sensitive or unpublished information.
Base URL: `https://www.swiftscholar.net` ... `pdfUrl: string` OR `pdfBase64: string` ... `file: binary`
Only submit papers you are comfortable sending to SwiftScholar, and review SwiftScholar's privacy and retention practices for confidential, copyrighted, or unpublished material.