Research Papers

Pass. Audited by ClawScan on May 10, 2026.

Overview

This skill appears to be a coherent academic-paper search helper, with no clear malicious behavior, but users should notice its external API use, local caching, and optional QQBot handoff.

This skill is reasonable to install if you want an academic literature-search assistant, especially for neuroimaging and dynamic brain network research. Be aware that vague searches will be steered toward that profile, queries are sent to OpenAlex/Unpaywall, local cache/output files are created, and the optional QQBot handoff should only be used if you trust the separate qqbot-send tool and account configuration.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Note (High Confidence)
ASI01: Agent Goal Hijack
What this means

Vague requests may return neuroimaging and disease-classification papers even when the user intended another field.

Why it was flagged

This intentionally steers ambiguous paper-search requests toward a specific research domain. It is clearly disclosed and aligned with the skill description, but it can bias results if the user expected a broader academic search.

Skill content
If the request is vague, assume the default research context is dynamic brain network modeling for neurodegenerative disease classification.
Recommendation

If you want a general or different-domain search, state the field explicitly in your request.

What this means

Academic search terms, DOI lookups, and any configured contact email may be visible to OpenAlex or Unpaywall.

Why it was flagged

Search queries, DOIs, and an optional mailto value are sent to external academic metadata providers. This is expected for the stated purpose, but it is still an external data flow.

Skill content
BASE = "https://api.openalex.org"
UNPAYWALL_BASE = "https://api.unpaywall.org/v2"
MAILTO = os.getenv("OPENALEX_MAILTO", "openclaw@example.com")
Recommendation

Avoid sending sensitive private research topics or identifiers unless you are comfortable sharing them with those services.

What this means

Paper search results or generated review files may remain on disk after use.

Why it was flagged

The script stores API cache and generated outputs persistently under the user's home directory. This is disclosed in SKILL.md and proportionate for caching literature searches, but it leaves local records behind.

Skill content
APP_DIR = Path.home() / ".openclaw" / "scholarly-research"
CACHE_DIR = APP_DIR / "cache"
OUTPUT_DIR = APP_DIR / "outputs"
Recommendation

Use the documented cache controls or delete the skill's .openclaw/scholarly-research directory if you do not want local research artifacts retained.

What this means

If you use the QQBot handoff, a generated review file may be passed to another local tool or messaging integration that was not reviewed here.

Why it was flagged

The optional QQBot handoff relies on an external qqbot-send staging script that is not part of this skill's manifest. The behavior is documented and user-directed, but the helper's provenance and permissions are outside the provided artifacts.

Skill content
If needed, specify the staging script manually:
python scripts/scholar-search.py review "dynamic brain network Alzheimer's disease" --papers 20 --qqmedia --stage-media-script "../qqbot-send/scripts/stage_media.py"
Recommendation

Only use --qqmedia or --stage-media-script if you trust the qqbot-send installation and understand what account or channel it will send to.

What this means

There may be confusion about whether credentials are needed, especially for optional QQBot handoff behavior.

Why it was flagged

The registry signal indicates possible sensitive credential use, while the declared requirements and SKILL.md say the main OpenAlex workflow needs no API key. The visible code does not show credential harvesting or misuse, so this is a metadata/usage clarity note rather than a concern.

Skill content
Capability signals
- requires-sensitive-credentials

Requirements
- Required env vars: none
- Primary credential: none
Recommendation

Before using optional messaging handoff features, confirm which credentials or accounts they rely on and whether they are configured outside this skill.