Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Awesome Paper Skill
v1.0.2 · Research-topic literature scouting across multiple platforms (not only arXiv), paper categorization, publication-status labeling, Awesome-style GitHub README...
⭐ 0 · 167 · 0 current · 0 all-time
by ZHAO Youjun (@youjunzhao)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
The scripts implement exactly what the description promises: multi-source paper fetching, README generation, and publishing to a GitHub repo. However, the skill metadata declares no required binaries or credentials even though publish_repo.py calls git and the GitHub CLI (gh) and fetch_papers.py makes outbound HTTP calls. These runtime requirements are expected for the stated purpose, but they are not declared in the manifest.
Instruction Scope
SKILL.md instructs the agent to fetch from arXiv/Crossref/Semantic Scholar and to create or update a GitHub repo. Following these instructions will cause network calls and will attempt to create or update repositories using the environment's GitHub authentication (via gh/git). The doc also says to fall back to defaults from the 'current workspace context' when owner/repo are omitted, which could cause the skill to act on an implicitly chosen account without explicit per-run confirmation.
Install Mechanism
There is no install spec (instruction-only), which is low risk in general, but the included Python scripts require python3 plus external binaries (git, gh) at runtime. Because the manifest does not list these as required, an operator might run the skill expecting no extra tools and be surprised when those subprocesses are spawned.
Credentials
requires.env is empty, but publish_repo.py implicitly requires GitHub credentials (a configured gh CLI or working git credentials) to create and push repositories. The skill neither requests nor documents GITHUB_TOKEN, gh auth, or any confirmation step. Pushing to GitHub is proportionate to the feature, but the missing credential requirements and guidance are a packaging/information gap that increases risk for users who are not aware of them.
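The gap called out in the Purpose, Install Mechanism and Credentials findings is the same one: scripts shell out to git and gh while the manifest declares no binaries. The following is an added example, not code from the Awesome Paper Skill or from ClawHub's scanner, of how an operator can check for that mismatch statically before running any skill. It assumes (not from the page) that the manifest is a dict whose "requires" section may carry a "bins" list and that script sources are available as strings; the two sample scripts are constructed to mirror the report (publish_repo.py invokes git and gh, fetch_papers.py only makes HTTP calls).

```python
"""Find external binaries a skill's Python scripts invoke but its manifest does not declare.

Added example, not code from the Awesome Paper Skill or from ClawHub's scanner.
Assumptions (not from the page): the manifest is a dict whose "requires" section
may carry a "bins" list, and script sources are given as strings. The two sample
scripts below are constructed to mirror the report: publish_repo.py shells out to
git and gh, fetch_papers.py only makes HTTP calls.
"""
import ast

# subprocess entry points whose first argument names the program to run
SUBPROCESS_FUNCS = {"run", "call", "check_call", "check_output", "Popen"}


def _collect_aliases(tree):
    """Names under which subprocess (or its functions) are imported in this module."""
    module_names, func_names = set(), {}
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for alias in node.names:
                if alias.name == "subprocess":
                    module_names.add(alias.asname or "subprocess")
        elif isinstance(node, ast.ImportFrom) and node.module == "subprocess":
            for alias in node.names:
                if alias.name in SUBPROCESS_FUNCS:
                    func_names[alias.asname or alias.name] = alias.name
    return module_names, func_names


def _program_name(arg):
    """argv[0] of a subprocess call when it is a literal; '<dynamic>' otherwise."""
    if isinstance(arg, (ast.List, ast.Tuple)) and arg.elts:
        arg = arg.elts[0]
    if isinstance(arg, ast.Constant) and isinstance(arg.value, str) and arg.value.split():
        return arg.value.split()[0]  # also covers shell=True strings like "git push ..."
    return "<dynamic>"


def invoked_binaries(source):
    """Return the set of programs `source` starts through subprocess."""
    tree = ast.parse(source)
    module_names, func_names = _collect_aliases(tree)
    found = set()
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call) or not node.args:
            continue
        func = node.func
        if isinstance(func, ast.Attribute):
            hit = (isinstance(func.value, ast.Name) and func.value.id in module_names
                   and func.attr in SUBPROCESS_FUNCS)
        else:
            hit = isinstance(func, ast.Name) and func.id in func_names
        if hit:
            found.add(_program_name(node.args[0]))
    return found


def undeclared_binaries(manifest, scripts):
    """Map script path -> binaries it invokes that manifest['requires']['bins'] omits."""
    declared = set(manifest.get("requires", {}).get("bins", []))
    report = {}
    for path, source in scripts.items():
        missing = invoked_binaries(source) - declared
        if missing:
            report[path] = missing
    return report


# Constructed sample inputs (not the skill's real files).
SAMPLE_MANIFEST = {"name": "awesome-paper-skill", "requires": {"env": [], "bins": []}}
SAMPLE_SCRIPTS = {
    "scripts/publish_repo.py": '''
import subprocess, tempfile

def publish(owner, repo):
    with tempfile.TemporaryDirectory() as workdir:
        subprocess.run(["git", "init"], cwd=workdir, check=True)
        subprocess.run(["git", "config", "user.email", "bot@example.invalid"], cwd=workdir)
        subprocess.check_output(["gh", "repo", "create", owner + "/" + repo, "--public"])
        subprocess.run("git push -u origin main", shell=True, cwd=workdir, check=True)
''',
    "scripts/fetch_papers.py": '''
import urllib.request

def fetch(url):
    return urllib.request.urlopen(url).read()
''',
}

if __name__ == "__main__":
    for path, missing in undeclared_binaries(SAMPLE_MANIFEST, SAMPLE_SCRIPTS).items():
        print(f"{path}: invokes {sorted(missing)} but the manifest declares none of them")
```

A '<dynamic>' entry means argv[0] was a variable, so the static pass could not name the program; treat that as a prompt to read the script by hand rather than as a clean result. Run the check over the skill's scripts directory before installing, and compare the output with whatever the manifest's requires section lists.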
Persistence & Privilege
The skill does not request always:true and does not modify system-wide configuration (its git config calls run inside a temporary directory). The main persistence/privilege impact is remote: it creates or updates GitHub repositories under whatever account the environment provides. That is expected for a publish workflow and does not amount to elevated privilege on the host.
What to consider before installing
This skill appears to do what it says, but be careful before running it:
1) It will make network requests to arXiv/Crossref/Semantic Scholar and will attempt to create or update GitHub repositories using the environment's git/gh credentials. Make sure you want a tool to modify your GitHub account.
2) The manifest does not declare runtime requirements: install python3, git, and the GitHub CLI (gh), and ensure gh is authenticated (or that git has push permissions).
3) Always provide explicit repo_owner/repo_name rather than relying on workspace defaults, and run the publish step against a test repo first to confirm behavior.
4) Review the generated README before allowing the skill to push.
5) If you need stronger guarantees, ask the author to update the skill metadata to declare the required binaries and document credential usage (e.g., require GITHUB_TOKEN or explain how gh auth will be used) so you can audit and consent to those privileges.
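Points 3 and 4 above amount to one control: the publish target must be stated explicitly, validated, and reviewed before anything touches GitHub. The following is an added example, not code from the Awesome Paper Skill, of a wrapper an operator could run in place of the skill's own publish step. The parameter names repo_owner/repo_name follow the page; the allowlist, the dry-run plan format and the git/gh command sequence are this example's own assumptions, and updating an already-existing repository is left out of it.

```python
"""Gate the GitHub publish step behind an explicit, validated, allowlisted target.

Added example, not code from the Awesome Paper Skill. It sketches a wrapper an
operator would call instead of letting the skill fall back to workspace defaults.
The parameter names repo_owner/repo_name follow the page; the allowlist, the
plan format and the command sequence are this example's own assumptions.
"""
import re
import subprocess

# GitHub login: alphanumerics and single hyphens, no leading/trailing hyphen, <= 39 chars.
OWNER_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9]|-(?=[A-Za-z0-9])){0,38}$")
# Repository name: alphanumerics, '.', '_' and '-', <= 100 chars ('.' and '..' excluded below).
REPO_RE = re.compile(r"^[A-Za-z0-9._-]{1,100}$")


def validate_target(repo_owner, repo_name):
    """Return 'owner/repo' or raise; never substitute a default for a missing value."""
    if not repo_owner or not repo_name:
        raise ValueError("repo_owner and repo_name must be given explicitly (no workspace default)")
    if not OWNER_RE.match(repo_owner):
        raise ValueError(f"invalid GitHub owner: {repo_owner!r}")
    if not REPO_RE.match(repo_name) or repo_name in {".", ".."}:
        raise ValueError(f"invalid repository name: {repo_name!r}")
    return f"{repo_owner}/{repo_name}"


def publish_plan(repo_owner, repo_name, workdir, private=True):
    """The exact commands a publish would run, as argv lists (no shell interpolation).

    Creates the repo and pushes the README from `workdir` in one step; updating an
    already-existing repository is deliberately out of scope for this example.
    """
    target = validate_target(repo_owner, repo_name)
    visibility = "--private" if private else "--public"
    return [
        ["git", "-C", workdir, "init", "-b", "main"],
        ["git", "-C", workdir, "add", "README.md"],
        ["git", "-C", workdir, "commit", "-m", "Add Awesome list README"],
        ["gh", "repo", "create", target, visibility, "--source", workdir, "--push"],
    ]


def run_plan(plan, allowlist, execute=False):
    """Dry-run by default: return the plan for review. Execute only an allowlisted target."""
    target = next(argv[3] for argv in plan if argv[:3] == ["gh", "repo", "create"])
    if target not in allowlist:
        raise PermissionError(f"{target} is not in the publish allowlist {sorted(allowlist)}")
    if execute:
        for argv in plan:
            subprocess.run(argv, check=True)  # gh acts as whatever account is already logged in
    return plan


if __name__ == "__main__":
    # Review the plan (and the README in workdir) first; pass execute=True only afterwards.
    plan = publish_plan("example-owner", "awesome-test-repo", "/tmp/awesome-test")
    for argv in run_plan(plan, allowlist={"example-owner/awesome-test-repo"}):
        print(" ".join(argv))
```

Keeping the allowlist to a throwaway test repository for the first run gives the "test repo first" step from point 3 teeth: a typo in the owner or a stale workspace default fails closed instead of creating a repository under the wrong account.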
latest · vk9725m3cak2rz4re35wr6g38758341x1
