Skill v1.0.1
ClawScan security
openreview-review-analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 5, 2026, 10:19 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are coherent with its stated purpose of fetching and synthesizing public OpenReview reviews; it makes only direct API/web requests and does not request credentials or unusual system access.
- Guidance: This skill appears to do what it claims: it will make network requests to OpenReview (api2.openreview.net / api.openreview.net) and write a JSON file to /tmp/openreview_<forum_id>.json, then produce a synthesis using the bundled template. It does not request credentials. Before installing, you may want to: (1) review the full fetch_reviews.py file yourself (it runs as your user with Python), (2) confirm your environment allows outgoing HTTPS to api2.openreview.net, and (3) be aware that fallbacks include web searches or web_fetch calls that will query other websites for cached review content. If your environment forbids outbound network access or you must avoid writing files to /tmp, do not install or run the skill.
Review Dimensions
- Purpose & Capability (ok): Name/description match the actual behavior: the included Python script and SKILL.md fetch review notes from OpenReview APIs and synthesize them. Required binary (python3) is appropriate and no unrelated services or credentials are requested.
- Instruction Scope (note): Runtime instructions are focused on extracting a forum ID, running the included script, and generating a report from the fetched JSON. The fallback instructions include web_fetch and web_search for additional retrieval, which stays within the goal but means the agent may perform broader web queries if the API fails.
- Install Mechanism (ok): There is no install spec (instruction-only skill with an included script). That minimizes install risk; the script uses only standard libraries or requests (if present). No downloads or external installers are performed.
- Credentials (ok): The skill declares no environment variables, no credentials, and no config paths. The functionality (reading public OpenReview data) does not require secrets, so the requested privileges are proportionate.
- Persistence & Privilege (ok): The skill is user-invocable and not always-enabled. It does not request persistent agent-wide privileges or modify other skills/config; autonomy defaults are unchanged.
