Arxiv Skill Extractor

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is not clearly malicious, but it creates persistent OpenClaw skill files from externally sourced paper text without a clear review or sanitization step.

Install or run this only if you are comfortable with it creating new local OpenClaw skills. Inspect each generated skill before use, verify the external arxiv-paper-reviews dependency, and avoid automatically loading generated skills without review.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using the skill can add new persistent agent capabilities that may later be used by OpenClaw.

Why it was flagged

The skill creates a new OpenClaw skill directory and runnable script under the workspace skills path. This is purpose-aligned, but it directly mutates the agent's skill environment without an explicit review or confirmation gate in the artifacts.

Skill content

const skillDir = path.join(WORKSPACE_ROOT, "skills", skillName);
...
fs.writeFileSync(path.join(skillDir, "SKILL.md"), renderSkillMarkdown({ skillName, paper }));
...
fs.writeFileSync(path.join(scriptsDir, "run.js"), renderNodeRunner({ paper }));

Recommendation

Review generated SKILL.md, run.js, and paper.json before enabling or relying on the generated skill; consider generating into a quarantine/review directory first.

What this means

A malicious or contaminated paper record could influence future agent behavior through the generated skill instructions.

Why it was flagged

Externally sourced paper content is embedded directly into generated skill markdown. If that content contains prompt-injection-style instructions, it could be persisted and later treated as authoritative skill context.

Skill content

const paper = options.paper || (await getPaper(finalPaperKey));
...
const abstractSnippet = abstract ? abstract.slice(0, 500) : "No abstract provided.";
...
## Learned insight
${abstractSnippet}

Recommendation

Neutralize paper text as quoted data, strip instruction-like content, and require human review before generated skills are registered or loaded.

What this means

The extraction behavior depends partly on code outside this artifact set.

Why it was flagged

The skill depends on a sibling arxiv-paper-reviews helper that is not included in the reviewed files or declared in the registry requirements. This appears consistent with the wrapper purpose, but users must separately trust that dependency.

Skill content

const { getPaper } = require(path.resolve(__dirname, "../arxiv-paper-reviews/paper_client.js"));

Recommendation

Verify the arxiv-paper-reviews skill/helper before running extraction, especially if generated skills will be enabled automatically.