← Back to Skills Marketplace
114
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install neckr0ik-anne-library
Description
Automate downloading and DOI extraction for academic books and articles from multiple library databases with institutional login support.
Usage Guidance
This package is internally inconsistent: the README claims auto-authentication and references modules that are not present, it asks you to set library credentials but the code does not use them, and it mixes Python Playwright instructions with a Node.js runtime executed via subprocess. Do not provide real institutional credentials to this skill. Ask the author (or the registry) for: (1) the missing files (auth.py, doi_extractor.py, config.json), (2) a clear install script that matches the actual runtime (either Python-only or Node-only), and (3) explicit code that shows where and how credentials are read, stored, and transmitted. If you must test it, run it in an isolated environment (sandbox or VM), use throwaway/rotated credentials, and verify network traffic. If the author cannot justify and fix these mismatches, avoid installing or running this skill with sensitive credentials.
Capability Analysis
Type: OpenClaw Skill
Name: neckr0ik-anne-library
Version: 1.0.0
The skill is classified as suspicious due to a code injection vulnerability in 'scripts/download.py', where the 'url' parameter is directly interpolated into a Node.js script executed via subprocess. Additionally, 'SKILL.md' encourages users to store sensitive institutional credentials in environment variables (e.g., ANNE_LIBRARY_PASS), yet the provided code is largely a placeholder and the actual authentication logic ('scripts/auth.py') is missing from the bundle, which is a significant red flag for a tool requesting such sensitive data.
Capability Assessment
Purpose & Capability
The skill claims full automation for institutional authentication, DOI extraction, and platform-specific downloads, but the repository only contains a single download.py that largely prints suggestions and placeholders. SKILL.md also references additional modules (auth.py, doi_extractor.py, references/config.json) that are not present. claw.json lists dependencies for both Python and Playwright, indicating a mix of runtimes; this breadth is disproportionate to the actual implemented functionality.
Instruction Scope
SKILL.md instructs installing Python Playwright and running playwright install chromium, and shows environment variables for library credentials (ANNE_LIBRARY_USER/PASS). The actual script does not read those environment variables or implement authentication (it contains comments 'Would need credentials' and 'placeholder'). The code writes a temporary Node.js script and executes it via subprocess, which is not mentioned in SKILL.md. Instructions grant broad discretion (auto-authentication) while the code does not implement it.
Install Mechanism
There is no formal install spec in the registry (instruction-only), but SKILL.md recommends pip installing Playwright while claw.json lists dependencies without an install step. The code spawns and runs a Node.js script (requiring node + Node Playwright), but SKILL.md uses Python Playwright instructions—this mismatch between Python and Node runtime/dependency installation is a red flag and could cause users to install the wrong runtime or run code unexpectedly.
Credentials
SKILL.md instructs users to set ANNE_LIBRARY_URL, ANNE_LIBRARY_USER, and ANNE_LIBRARY_PASS, but the skill's manifest declares no required env vars and the shipped code does not consume these variables. Requesting institutional credentials is reasonable for a downloader, but here it's not wired into the code and therefore unjustified; providing credentials to an unclear/partially-implemented skill risks credential exposure.
Persistence & Privilege
The skill is not forced (always: false) and does not request persistent presence or modify other skills. It is user-invokable and does not declare autonomous always-on privileges, which is appropriate.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install neckr0ik-anne-library - After installation, invoke the skill by name or use
/neckr0ik-anne-library - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Anne's Library Downloader 1.0.0 – Initial release
- Automates downloading of books, articles, and DOIs from major academic library platforms.
- Supports auto-authentication for institutional access.
- Extracts DOIs from URLs and saves metadata with each PDF.
- Handles batch downloads from reading lists.
- Offers format conversion to PDF, EPUB, and text.
- Compatible with platforms including VitalSource, ProQuest, EBSCOhost, JSTOR, PubMed Central, ScienceDirect, Springer Link, and Taylor & Francis Online.
Metadata
Frequently Asked Questions
What is ANNE Library Downloader?
Automate downloading and DOI extraction for academic books and articles from multiple library databases with institutional login support. It is an AI Agent Skill for Claude Code / OpenClaw, with 114 downloads so far.
How do I install ANNE Library Downloader?
Run "/install neckr0ik-anne-library" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is ANNE Library Downloader free?
Yes, ANNE Library Downloader is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does ANNE Library Downloader support?
ANNE Library Downloader is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created ANNE Library Downloader?
It is built and maintained by Neckr0ik (@neckr0ik); the current version is v1.0.0.
More Skills