← Back to Skills Marketplace
Paper review pro
by
alfredliang11
· GitHub ↗
· v1.0.0
· MIT-0
109
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install paper-review-pro
Description
高精度论文检索与检阅系统,支持多源检索、智能筛选、结构化摘要、BibTeX 导出、CCF 评级与综合评分
Usage Guidance
This skill appears to implement the advertised review/search features, but it quietly reads global OpenClaw config (~/.openclaw/openclaw.json) and environment variables (possible gateway/API tokens) and sets HF endpoint env vars without declaring them. Before installing or running: 1) inspect ~/.openclaw/openclaw.json and remove or rotate any sensitive tokens if you don't want them used; 2) run the skill in an isolated environment (dedicated VM or container) if you are worried about credential exposure or HF endpoint overrides; 3) if you don't need LLM features, run with --no-llm and/or disable network access to reduce risk; 4) review the code paths that call external LLM gateways (expansion.py) and the lines that set HF_ENDPOINT/HF_HUB_ENDPOINT in review.py; 5) consider enabling only explicit environment variables you control (set OPENCLAW_GATEWAY_URL and token) rather than allowing the skill to read global config. If you need, ask the author to declare required env/config in SKILL.md and to avoid reading other skills'/global configs.
Capability Analysis
Type: OpenClaw Skill
Name: paper-review-pro
Version: 1.0.0
The 'paper-review-pro' skill bundle is a legitimate academic research tool designed to automate paper retrieval, ranking, and summarization. It integrates with arXiv and Semantic Scholar APIs, uses LLMs (via OpenClaw Gateway or Dashscope) for generating structured summaries and query expansions, and includes a local database for CCF (China Computer Federation) rankings. The code is well-structured, featuring robust error handling such as a web-scraping fallback for arXiv (scripts/search/arxiv.py) and a timeout monitor to prevent process hangs (scripts/review.py). No evidence of malicious intent, data exfiltration, or unauthorized execution was found; all network and file operations are consistent with the tool's stated purpose of literature review and BibTeX management.
Capability Assessment
Purpose & Capability
The skill's name/description (multi-source paper retrieval, summarization, BibTeX export, CCF ranking) match the included code and modules (arXiv/Semantic Scholar search, summarizer, bibtex, scoring). However the code accesses global OpenClaw config (~/.openclaw/openclaw.json) and several environment variables (OPENCLAW_GATEWAY_TOKEN, DASHSCOPE_API_KEY, DASHSCOPE_MODEL, HF endpoints) that are not declared in the skill metadata or SKILL.md as required secrets — this is disproportionate to the claimed purpose because it reaches into user/global configuration for credentials.
Instruction Scope
Runtime instructions tell the agent to run local scripts (config.py, review.py). The code performs web requests (arXiv API + fallback scraping, Semantic Scholar API), calls LLM endpoints (OpenClaw Gateway or Dashscope) and will send prompts and paper text to those endpoints. It also attempts to read ~/.openclaw/openclaw.json for a gateway token and uses environment variables not documented in requires.env. Additionally, review.py sets HF_ENDPOINT and HF_HUB_ENDPOINT at module import time (unconditional assignment), which is out-of-band behavior relative to the SKILL.md instructions.
Install Mechanism
There is no install spec (instruction-only), and code files are present but nothing in the manifest indicates additional binary downloads; this is lower install risk. However, the skill will execute networked Python code when run (no sandboxing implied).
Credentials
The skill metadata declares no required env vars, but the code reads/writes multiple env vars and config locations: it unconditionally sets HF_ENDPOINT and HF_HUB_ENDPOINT, reads OPENCLAW_GATEWAY_TOKEN (and ~/.openclaw/openclaw.json) and may use DASHSCOPE_API_KEY and DASHSCOPE_MODEL. Accessing a global OpenClaw auth token or an API key from the user's home config is sensitive and not justified in SKILL.md; those are effectively undeclared credential accesses.
Persistence & Privilege
always is false (good), and the skill does not request permanent platform-level privileges. However it attempts to read the platform-level OpenClaw config (~/.openclaw/openclaw.json) which may contain gateway auth tokens belonging to the user's environment or other skills. Also review.py modifies HF-related environment variables for the running process, which can affect other code in the same environment.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install paper-review-pro - After installation, invoke the skill by name or use
/paper-review-pro - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Paper Review Pro 1.0.0 – 首发版本
- 首次发布高精度论文检索与评审系统,支持 arXiv 与 Semantic Scholar 多源文献检索。
- 智能筛选高价值论文,结合相关度与权威度综合评分,自动标注 CCF 评级。
- 内置 LLM 支持,自动生成结构化摘要(研究问题、方法、结论、创新点)。
- 一键导出 BibTeX,研究领域分析报告自动生成,支持 Zotero/Mendeley 等管理工具。
- 健壮的错误处理与回退机制,保障检索、分析与导出稳定运行。
- 丰富命令行参数与详细配置指导,适用于快速综述、新领域查阅、科研辅助等多场景。
Metadata
Frequently Asked Questions
What is Paper review pro?
高精度论文检索与检阅系统,支持多源检索、智能筛选、结构化摘要、BibTeX 导出、CCF 评级与综合评分. It is an AI Agent Skill for Claude Code / OpenClaw, with 109 downloads so far.
How do I install Paper review pro?
Run "/install paper-review-pro" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Paper review pro free?
Yes, Paper review pro is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Paper review pro support?
Paper review pro is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Paper review pro?
It is built and maintained by alfredliang11 (@alfredliang11); the current version is v1.0.0.
More Skills