Arxiv Agentic Verifier

Suspicious
Audited by ClawScan on May 10, 2026.

Overview

The skill matches its code-verification purpose, but it runs submitted Python or JavaScript directly on your machine without a sandbox.

Only use this skill in a sandboxed environment if you plan to verify untrusted code. Treat submitted code as executable, malware-capable input, use a limited OpenAI API key, and avoid sending private code or secrets to the provider.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern, High Confidence
ASI05: Unexpected Code Execution
What this means

Untrusted or malicious candidate code could read, modify, or delete local files, access environment variables, use the network, or otherwise act with the user's local permissions.

Why it was flagged

The skill writes caller-supplied code to a local file and executes it with the host Python or Node interpreter. The only containment shown is a 5-second timeout, not a sandbox.

Skill content
fs.writeFileSync(filepath, code); ... const output = execSync(command, { input: input, timeout: 5000, encoding: 'utf-8' });
Recommendation

Run this only inside a disposable sandbox, VM, or container with restricted filesystem, network, and environment access. Add explicit user confirmation before executing code and declare the Python/Node execution requirement.

What this means

Private problem statements, proprietary code, or secrets embedded in code could be sent to OpenAI.

Why it was flagged

Problem descriptions and candidate code are included in the prompt sent to OpenAI for test generation. This is purpose-aligned, but it is an external provider data flow.

Skill content
Problem:\n${problemDescription}\n\nCode:\n${candidateCode} ... this.openai.chat.completions.create({ messages: [{ role: "user", content: prompt }], model: "gpt-4-turbo-preview"
Recommendation

Do not submit confidential code or secrets unless that provider use is acceptable. Document the external data flow clearly for users.

What this means

The skill can consume the user's OpenAI quota and make requests under that credential.

Why it was flagged

The skill uses an OpenAI API key for LLM reasoning. This is expected for the stated purpose, and the artifacts do not show hardcoded keys, logging, or unrelated credential use.

Skill content
const key = apiKey || process.env.OPENAI_API_KEY; ... this.openai = new OpenAI({ apiKey: key });
Recommendation

Use a dedicated, limited API key and monitor usage. The registry metadata should declare the OPENAI_API_KEY requirement.

What this means

It is harder to verify maintainership, update history, or whether future releases match the reviewed code.

Why it was flagged

The registry record provides no source repository or homepage, so provenance review is limited to the submitted artifacts.

Skill content
Source: unknown
Homepage: none
Recommendation

Install only if you trust the publisher and the provided package contents; prefer a public source repository for future review.