axiv-html-cn-static

Pass

Audited by ClawScan on May 11, 2026.

Overview

This skill appears purpose-aligned for converting arXiv HTML into a local Chinese static webpage, but users should notice that it downloads web assets, installs Python packages, and uses some hard-coded/example external paths and CDN resources.

Install in an isolated environment, adjust the hard-coded example paths to the actual skill directory, choose a safe output folder, and use local MathJax/KaTeX if you need the generated page to be fully offline. The provided script excerpt was truncated in the review material, so inspect the full installed script if you require high assurance.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent will download remote paper resources and create files in the chosen output directory.

Why it was flagged

The skill is expected to make outbound web requests and save downloaded resources locally as part of converting arXiv HTML into a static page.

Skill content

Download the PDF. Download and localize the images, figures, icons, CSS, and resources referenced by the CSS in the HTML.

Recommendation

Use it only with intended arXiv IDs and an output directory you control, and review the generated asset manifest if you need to verify what was downloaded.

What this means

The command may fail on other machines or accidentally use files from a different local skill directory.

Why it was flagged

The setup example uses a hard-coded user-specific absolute path, which may not match the installed skill path and could cause the user or agent to run the wrong local copy if copied literally.

Skill content

python3 -m pip install -r /Users/nineve/.codebuddy/skills/arxiv-html-cn-static/scripts/requirements.txt

Recommendation

Replace the example path with the actual installed skill path or use relative paths from the reviewed skill directory.

What this means

Dependency behavior can change over time depending on the package versions installed.

Why it was flagged

The Python dependencies are minimum-version ranges rather than pinned exact versions, so future installs may resolve to newer package versions than those originally tested.

Skill content

requests>=2.28.0
beautifulsoup4>=4.11.0

Recommendation

For repeatable or higher-trust use, pin exact dependency versions in a lockfile or install in an isolated virtual environment.

What this means

Opening the generated HTML may contact jsDelivr and run the remote MathJax script unless the user switches to a local/offline renderer.

Why it was flagged

The generated static HTML may load a remote MathJax script by default, which is disclosed and purpose-aligned for formula rendering but is still an external runtime dependency.

Skill content

By default, `https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-svg.js` is allowed as the formula rendering script.

Recommendation

If full offline operation or stricter supply-chain control is needed, download and reference a local MathJax or KaTeX copy instead.