Paper Translator
Advisory. Audited by VirusTotal on Apr 18, 2026.
Overview
Type: OpenClaw Skill
Name: paper-translator
Version: 0.1.2

The skill employs a high-risk 'curl | sh' pattern in 'scripts/translate_paper.sh' to install the 'uv' package manager from 'astral.sh'. It also automatically installs the 'pdf2zh-next' tool via 'uv' without interactive user confirmation. While these behaviors are documented in 'SKILL.md' and align with the stated purpose of translating academic papers, the execution of remote scripts and the automatic installation of third-party tools represent a significant security risk and a potential RCE vector.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Risk: Running the translator can execute remote installer code under the user's account before the PDF is processed.
Detail: On first use, the wrapper downloads a shell script from the network and executes it without a checksum, signature check, version pin, or separate confirmation.
Evidence: curl -Ls https://astral.sh/uv/install.sh | sh;
Recommendation: Install uv through a trusted package manager ahead of time, or require explicit user approval plus checksum/signature verification before executing any remote installer.
Risk: A future, compromised, or unexpected version of the dependency could run with the user's local permissions.
Detail: The main translation dependency is installed dynamically without a pinned version or lockfile, so the reviewed artifacts do not determine exactly what code will run.
Evidence: uv tool install pdf2zh-next;
Recommendation: Pin pdf2zh-next to a reviewed version, declare it in an install spec or lockfile, and avoid installing it automatically during normal skill execution.
Risk: If followed as written in a directory containing multiple PDFs, the user could accidentally stage or send unintended documents.
Detail: The optional QQBot workflow stages PDFs for sending via a media channel, and the wildcard can match more PDFs than just the translated outputs.
Evidence: cp *.pdf ~/.openclaw/media/qqbot/uploads/ ... Then send using `<qqmedia>/path/to/file.pdf</qqmedia>`
Recommendation: Copy only the specific generated files you intend to share, and verify the QQBot media path before sending.
