Literature Review

Pass

Audited by ClawScan on May 1, 2026.

Overview

This looks like a legitimate literature-review helper, but it relies on local commands and external services, including an undeclared schematic-generation dependency users should review.

Before installing, be comfortable with the agent reading and writing review files, running local Python/pandoc-style commands, and contacting academic or AI services. Verify the referenced schematic-generation dependency, keep work in a dedicated project folder, and only provide API keys or sensitive research details when necessary.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may add AI-generated figures or invoke another skill even if the user did not specifically ask for visuals.

Why it was flagged

The skill explicitly forces an additional figure-generation step. It is disclosed and related to document quality, but it may override a user's preference for a text-only review.

Skill content

MANDATORY: Every literature review MUST include at least 1-2 AI-generated figures ... This is not optional.

Recommendation

Confirm whether figures are desired before finalizing a review, and let user instructions override the skill's default if the user requests no figures.

What this means

Figure generation may fail or may depend on code/service behavior outside this package.

Why it was flagged

The workflow references a schematic-generation helper and external skill dependency that are not part of the included scripts, so users should verify that dependency's provenance before relying on it.

Skill content

python scripts/generate_schematic.py "your diagram description" -o figures/output.png

Recommendation

Verify the scientific-schematics skill or helper script before use, and avoid running unreviewed helper code automatically.

What this means

The agent may run local document-conversion tools and create or overwrite review PDFs at chosen output paths.

Why it was flagged

The PDF generator runs local pandoc/xelatex commands. This is expected for PDF creation, but it means the skill can execute local programs and write output files.

Skill content

cmd = ['pandoc', markdown_file, '-o', str(output_pdf), '--pdf-engine=xelatex', ...]; subprocess.run(cmd, capture_output=True, text=True, check=True)

Recommendation

Approve only expected document-generation commands and keep output paths limited to the intended project directory.

What this means

If a user supplies an API key, the agent may be able to make requests against that academic-service account.

Why it was flagged

The documentation mentions an API key for one academic provider. This is purpose-aligned, and there is no evidence of hardcoded or leaked credentials, but users should understand any account credential they provide.

Skill content

Semantic Scholar ... Access: Direct API (requires API key)

Recommendation

Use a dedicated, least-privileged API key when needed, and do not place secrets in review documents or search-result files.

What this means

Diagram descriptions, review topics, or summarized research content may be sent to an external AI figure-generation service.

Why it was flagged

The skill directs the agent to use another skill and an external AI image-generation provider. This is disclosed and relevant to figure creation, but it creates a separate data boundary.

Skill content

Use the scientific-schematics skill ... Nano Banana Pro will automatically generate, review, and refine the schematic

Recommendation

Avoid sending confidential, unpublished, or sensitive research details to the schematic generator unless the provider's data handling is acceptable.