ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Paper to Slides

v1.0.0

End-to-end academic paper analysis and presentation generation. Use when a user provides a PDF paper (local path or arXiv URL) and wants (1) a deep research...

1· 90·0 current·0 all-time
byHhao@zhangguanghao523
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the content: the skill asks only for a paper (local path or URL), requires pdftotext for extraction, and contains templates for report + slides. Declared dependencies (pdftotext / poppler) are appropriate and proportional to the stated purpose.
Instruction Scope
Runtime instructions are focused on the paper: download via curl, extract text with pdftotext (and optionally pdftoppm), produce a markdown report and a single self-contained HTML file. The instructions do not ask the agent to read other system files or secrets. Minor implementation details: it suggests opening the HTML with `open` (macOS-specific) and instructs storing edits to localStorage in the generated HTML (expected for an inline editor).
Install Mechanism
Instruction-only skill with no install spec and no third-party archive downloads. This is low-risk: nothing is written to disk by the skill itself beyond files the agent explicitly downloads/creates (paper PDF in /tmp, extracted text, generated report/HTML).
Credentials
No environment variables, credentials, or config paths are requested. The HTML generation uses Google Fonts/Fontshare CDN links (documented), which requires network access but is consistent with the design.
Persistence & Privilege
Skill is not marked always:true and does not request elevated or persistent platform privileges. It does not modify other skills or system-wide settings; generated HTML uses localStorage for optional editor persistence (limited to the user's browser).
Assessment
This skill appears coherent for converting papers to reports + single-file HTML slides. Before installing/using: 1) ensure you trust the PDF source — the skill will download and run pdftotext on the file (untrusted PDFs can trigger bugs in parsing tools); 2) install poppler/pdftotext as documented; 3) be aware generated slides load fonts from Google Fonts/Fontshare CDNs (requires internet and will make external requests when the HTML is opened); 4) the 'open' command in the instructions is macOS-specific (use xdg-open on many Linux systems); 5) there are no requests for credentials or hidden network endpoints. If any of those external behaviors are unacceptable, review or adapt the SKILL.md before enabling the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ey78gyt8crpz2gywmxf6znx83bw1c

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments