← 返回 Skills 市场
123
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install paper-impact-analyzer
功能描述
Analyze academic paper impact using multiple data sources (arXiv, GitHub, OpenAlex, Semantic Scholar). Input an arXiv ID and get a multi-dimensional impact a...
安全使用建议
This skill appears to be internally consistent with its description: it runs a Python script that queries arXiv, GitHub, OpenAlex, and Semantic Scholar and prints a Markdown impact report. Before running it, review and consider the following: 1) The script intentionally disables SSL certificate verification for outbound HTTPS requests and uses plain HTTP for the arXiv query — this exposes you to man-in-the-middle risk on untrusted networks. If you will run it on a laptop or cloud VM, either (a) modify the script to remove the SSL bypass (use the default SSL context) and use HTTPS for arXiv, or (b) run it in a network you trust. 2) The script makes multiple external network requests — expect rate limiting from GitHub and Semantic Scholar when unauthenticated; running batch jobs may hit limits. 3) The package contains duplicate files (root and skills/ copies) which is likely harmless but unusual; you may prefer to keep only one copy. 4) If you are concerned about privacy or data leakage, inspect the full script locally before execution; it does not read local environment variables or files in the visible portions, but you should verify the truncated parts if you plan to run it. 5) Run the script in an isolated environment (container or VM) if you want to limit risk. If you want, I can point out the exact lines to change to re-enable certificate verification and use HTTPS for arXiv.
功能分析
Type: OpenClaw Skill
Name: paper-impact-analyzer
Version: 1.1.0
The skill analyzes academic paper impact by querying public APIs (arXiv, GitHub, OpenAlex, and Semantic Scholar). However, the script `scripts/analyze.py` explicitly disables SSL certificate verification (`ssl.CERT_NONE`), which is a significant security vulnerability that exposes the agent to Man-in-the-Middle (MITM) attacks. While the code appears to align with its stated purpose and lacks evidence of intentional malice or data exfiltration, this high-risk security flaw warrants a suspicious classification.
能力评估
Purpose & Capability
Name/description match the implementation: the code fetches arXiv metadata, searches/queries GitHub, queries OpenAlex and Semantic Scholar, and synthesizes a rating. Required runtime (python) and the lack of API keys align with the declared design (keyless APIs). Duplicate files (root and skills/ copies) look like packaging redundancy but are consistent with the skill purpose.
Instruction Scope
SKILL.md instructs only to run the included Python script with arXiv IDs (no other file or env access). However, the script creates an SSL context that disables certificate verification (SSL_CTX.verify_mode = ssl.CERT_NONE and check_hostname = False) and uses an http:// arXiv endpoint. That weakens transport security for all outbound HTTPS calls made by the script (makes it susceptible to MITM on untrusted networks). This behavior is not called out in the SKILL.md.
Install Mechanism
No install spec provided (instruction-only install). The skill includes Python source but does not try to install external packages or download code at runtime. This is low-risk from an installer perspective.
Credentials
The skill requests no environment variables or credentials and uses public, keyless APIs. The set of external endpoints it contacts (arXiv, api.github.com, api.openalex.org, Semantic Scholar) is proportional to its stated purpose.
Persistence & Privilege
The skill is not always-enabled, does not request elevated persistence, and there is no evidence it modifies other skills or system-wide configurations. Running the script makes network calls but does not persist credentials or reconfigure the agent.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install paper-impact-analyzer - 安装完成后,直接呼叫该 Skill 的名称或使用
/paper-impact-analyzer触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
Initial release of Paper Impact Analyzer script and documentation.
- Added core analysis script (`scripts/analyze.py`) for multi-source academic paper impact assessment via arXiv ID.
- Introduced comprehensive documentation and usage instructions in `README.md` and `SKILL.md`.
- Created metadata file (`_meta.json`) for skill registration.
- Supports impact metrics from arXiv, GitHub, OpenAlex, and Semantic Scholar with graceful degradation if APIs are unavailable.
v1.0.0
Initial release: multi-source fault-tolerant paper impact analysis
元数据
常见问题
Paper Impact Analyzer 是什么?
Analyze academic paper impact using multiple data sources (arXiv, GitHub, OpenAlex, Semantic Scholar). Input an arXiv ID and get a multi-dimensional impact a... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 123 次。
如何安装 Paper Impact Analyzer?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install paper-impact-analyzer」即可一键安装,无需额外配置。
Paper Impact Analyzer 是免费的吗?
是的,Paper Impact Analyzer 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Paper Impact Analyzer 支持哪些平台?
Paper Impact Analyzer 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Paper Impact Analyzer?
由 haataa(@haataa)开发并维护,当前版本 v1.1.0。
推荐 Skills