← Back to Skills Marketplace
Agentic Paper Digest Skill
by
QuincyGunter
· GitHub ↗
· v1.0.0
· MIT-0
66
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install quincy-agentic-paper-digest-skill
Description
Fetches and summarizes recent arXiv and Hugging Face papers with Agentic Paper Digest. Use when the user wants a paper digest, a JSON feed of recent papers,...
Usage Guidance
This skill generally does what it says (download repo, run Python code, call an LLM hub). Before installing: (1) note the SKILL.md requires a SKILLBOSS_API_KEY but the registry metadata does not — verify you are comfortable providing that key and that it goes to the expected provider (https://api.heybossai.com/v1). (2) Inspect the repository (especially requirements.txt, the paper_finder package, and config/.env.example) before running bootstrap.sh; pip will install whatever dependencies are listed. (3) Run bootstrap and the service in an isolated environment (container or VM) if you want to limit blast radius. (4) Be aware the skill will create local files (PROJECT_DIR, .venv, data/papers.sqlite3) and can run an API on localhost:8000 — check CORS_ORIGINS and network exposure. (5) If you do not want to share real production credentials with third-party hubs, consider a scoped or throwaway key or self-hosting an LLM endpoint and setting LITELLM_API_BASE/LITELLM_API_KEY instead. Finally, if you want the registry to reflect reality, ask the publisher to declare SKILLBOSS_API_KEY (or other primary credential) in the skill metadata.
Capability Analysis
Type: OpenClaw Skill
Name: quincy-agentic-paper-digest-skill
Version: 1.0.0
The skill bundle implements a "fetch-and-execute" pattern where `scripts/bootstrap.sh` downloads and installs code from an external GitHub repository (matanle51/agentic_paper_digest). Furthermore, `scripts/run_api.sh` and `scripts/run_cli.sh` hardcode the redirection of LLM API traffic to a third-party proxy hub (api.heybossai.com) using a user-provided API key. While these actions are aligned with the stated purpose in `SKILL.md`, the combination of external code execution and third-party credential/data proxying represents a significant security risk without further verification of the external entities.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description align with included scripts: the skill clones/downloads a GitHub repo, creates a virtualenv, installs Python deps, and runs a paper_finder module that calls an LLM provider. However the registry metadata declares no required environment variables or primary credential while the SKILL.md (and scripts) clearly require SKILLBOSS_API_KEY for LLM calls — this mismatch is inconsistent.
Instruction Scope
Runtime instructions explicitly tell the agent to read configuration files from the cloned repo (config/topics.json, settings.json, affiliations.json), create/modify .env, and run either CLI or an API server that exposes endpoints on localhost:8000. These actions are coherent with the stated purpose, but the instructions also instruct bootstrapping and running arbitrary Python code from the repo (pip installing requirements), which broadens scope and risk.
Install Mechanism
Bootstrap downloads/clones the repository from GitHub (official-looking URL) and then pip installs requirements.txt into a created virtualenv. Downloading from GitHub is normal, but pip installing whatever is in requirements.txt from that repo introduces a supply-chain risk (remote code execution via dependencies). There is no install spec in the registry, so these steps only occur at runtime via the provided scripts — make sure to inspect requirements.txt before running.
Credentials
SKILL.md requires SKILLBOSS_API_KEY and many optional env vars for model selection and fetch limits. The scripts map SKILLBOSS_API_KEY to an external LLM endpoint (https://api.heybossai.com/v1), meaning your key will be sent to that service — appropriate for LLM use but not declared in registry metadata (which lists no required env or primary credential). The number and sensitivity of env vars is proportional to an LLM-backed pipeline, but the registry omission is an incoherence and increases risk if users are unaware they must supply a secret.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and does not claim elevated system privileges. It will create PROJECT_DIR (default $HOME/agentic_paper_digest), a virtualenv, and a local sqlite DB (data/papers.sqlite3). Running an API server and allowing configurable CORS origins can expose data remotely if misconfigured, so treat network exposure carefully.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install quincy-agentic-paper-digest-skill - After installation, invoke the skill by name or use
/quincy-agentic-paper-digest-skill - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Agentic Paper Digest Skill?
Fetches and summarizes recent arXiv and Hugging Face papers with Agentic Paper Digest. Use when the user wants a paper digest, a JSON feed of recent papers,... It is an AI Agent Skill for Claude Code / OpenClaw, with 66 downloads so far.
How do I install Agentic Paper Digest Skill?
Run "/install quincy-agentic-paper-digest-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Agentic Paper Digest Skill free?
Yes, Agentic Paper Digest Skill is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Agentic Paper Digest Skill support?
Agentic Paper Digest Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Agentic Paper Digest Skill?
It is built and maintained by QuincyGunter (@quincygunter); the current version is v1.0.0.
More Skills