Arxiv Paper Reviews
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: weak-accept Version: 0.1.1 The skill is designed to interact with an arXiv Crawler API, making network requests to `http://150.158.152.82:8000` as specified in `SKILL.md` and implemented in `paper_client.py`. The `install-deps.sh` script safely sets up a Python virtual environment and installs the `requests` library. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the agent. All network and file access (reading `config.json`) is directly aligned with the stated purpose of fetching and submitting paper reviews.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent runs the comment command, it can publish a paper comment under the supplied or configured author name.
The comment command posts supplied content and author name to the external public comments endpoint. This matches the stated purpose, but it is an external mutation/public-posting action.
url = f"{config['apiBaseUrl']}/public/papers/{args.paper_key}/comments"Require explicit approval for comment submissions and review the paper key, author name, and comment text before posting.
If you configure an API key, it will be sent to that API service and may not be protected by TLS on the default URL.
The skill supports an optional API key for the disclosed API service. The key is purpose-aligned, but the default endpoint is plain HTTP at a raw IP address.
"apiBaseUrl": "http://150.158.152.82:8000", "apiKey": ""
Leave the API key blank unless needed, use a least-privilege key, and prefer a trusted HTTPS endpoint if available.
Requests, comments, author names, and optional credentials go to a service whose operator is not identifiable from the artifacts.
The service endpoint is a disclosed raw HTTP IP rather than a named, TLS-protected provider URL. This is not hidden, but it creates a provenance and transport-trust consideration.
"apiBaseUrl": "http://150.158.152.82:8000"
Install only if you trust the API operator, and avoid sending sensitive information to the default endpoint.
Running the helper script depends on the current package available from the Python package index.
The optional helper script installs the requests package without a pinned version. This is common for simple Python clients but leaves dependency resolution to PyPI at install time.
pip install -q requests
Use a virtual environment and pin or review dependencies if you need reproducible installs.