Skillv1.0.0

ClawScan security

学术文献检索（期刊信息、影响因子、下载链接） · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 28, 2026, 2:06 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requirements and runtime instructions align with its stated purpose (searching public academic databases and returning verifiable bibliographic info); it is an instruction-only skill that asks for no credentials or installs and does not attempt to access unrelated system resources.
Guidance: This skill is internally consistent for finding academic papers and providing links/metadata. Before installing or using it: (1) confirm your agent has web/browsing access so live searches actually work; (2) do not supply credentials to the skill—if you need to access paywalled content, use your institution's access via your browser/session rather than pasting secrets into the agent; (3) verify critical details (DOI, journal name, impact factor) against the linked source (Crossref, publisher page, JCR) because the agent can still make mistakes despite promising not to fabricate; (4) expect that some sources (JCR, Web of Science, CNKI) may be behind paywalls and the skill can only provide public links or purchase/abstract pages.

Review Dimensions

Purpose & Capability: okName/description (academic paper lookup, journal info, IF, download links) match the SKILL.md. Declared data sources (PubMed, arXiv, Google Scholar, Crossref, CNKI, Web of Science) are appropriate for the stated purpose; no unrelated credentials, binaries, or installs are requested.
Instruction Scope: noteSKILL.md directs the agent to perform live searches using a browser against the listed databases and return verifiable links and metadata. This stays within scope, but it implicitly assumes the agent has web/browsing capability. It also correctly notes paywalled resources and limits (will only provide public links). Be aware the agent could still hallucinate details despite the 'never fabricate' promise—users should verify results and source links, especially impact factors from proprietary sources (JCR).
Install Mechanism: okInstruction-only skill with no install spec and no code files — lowest install risk. Nothing will be written to disk or downloaded by an installer as part of the skill package.
Credentials: okNo environment variables, credentials, or config paths are requested. The skill lists proprietary databases (e.g., Web of Science, JCR) as data sources but does not request credentials; this is proportionate. Note: to access paywalled content the user would need to supply their own access (not requested by the skill).
Persistence & Privilege: okDefaults (always:false, agent invocation allowed) are appropriate. The skill does not request persistent system-wide privileges or modify other skills' configs.