← 返回 Skills 市场
Scholar Research
作者
Jingxiang Cheng
· GitHub ↗
· v1.0.0
460
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install scholar-research
功能描述
Search, analyze, and summarize peer-reviewed academic papers from open access sources. Provides credibility scoring, visualization, timeline generation, and...
安全使用建议
This repository appears coherent with its description: it searches public academic APIs, downloads PDFs, scores and summarizes papers, and extracts figures using optional system tools. Before installing or running it, consider: 1) Run in a sandbox or VM since it performs network requests and writes downloaded PDFs to disk. 2) Figure extraction uses pdftotext/pdfimages (Poppler) via subprocess; install those if you want full functionality or disable figure extraction. 3) test_runner.py contains a hardcoded chdir to '/home/bigclaw/.openclaw/…' — do not run that file as-is (it's a development/test artifact). 4) Provide API tokens/email only for services you trust and avoid putting sensitive credentials in config files you share. 5) The package has minor packaging/path issues (CLI entry point and imports) that are engineering issues, not security problems. If you want higher assurance, request provenance (homepage/source repo) from the publisher or run the code in an isolated environment and audit network behavior during a sample run.
功能分析
Type: OpenClaw Skill
Name: scholar-research
Version: 1.0.0
The skill is classified as suspicious due to its use of `subprocess.run` to invoke external binaries (`pdftotext`, `pdfimages`) for processing untrusted PDF files downloaded from the internet. While the `subprocess.run` calls are structured to prevent direct shell injection by passing arguments as a list, processing untrusted input with external tools introduces a vulnerability surface. A maliciously crafted PDF could potentially exploit vulnerabilities in `pdftotext` or `pdfimages`, leading to arbitrary code execution or other system compromises. This represents a significant vulnerability risk, though not clear evidence of intentional malicious behavior by the skill developer.
能力评估
Purpose & Capability
Name/description (search, score, summarize, extract figures) align with the included modules: search.py, score.py, summarize.py, figure_extract.py and a PDF downloader. Optional API tokens are present in config.json for services the skill documents (OpenAlex, Semantic Scholar, CrossRef) and are not required by default.
Instruction Scope
SKILL.md instructs the agent to search, fetch metadata/PDFs, score, and extract figures — this is exactly what the code does. The code performs network calls to many external public APIs and downloads PDFs (requests). Figure extraction attempts to call system binaries (pdftotext, pdfimages) via subprocess. A test file (test_runner.py) contains a hardcoded absolute chdir to '/home/bigclaw/.openclaw/…' which is environment-specific and could cause unintended filesystem access if executed; this is a development/test artifact and not necessary for normal skill use.
Install Mechanism
No install spec is provided (instruction-only install), so nothing will be silently downloaded at install time. The package includes Python source and lists Python dependencies (requests, beautifulsoup4, PyPDF2/opencv/transformers mentioned in SKILL.md), and the figure extraction relies on external system utilities (Poppler's pdftotext/pdfimages) if available. That reliance should be documented to avoid surprises but is proportionate to the stated feature set.
Credentials
The skill does not declare required environment variables or a primary credential. config.json includes optional API tokens/email fields for OpenAlex, Semantic Scholar, and CrossRef (reasonable and documented). There are no requests for unrelated credentials or secrets in the files.
Persistence & Privilege
The skill does not request persistent global privileges (always:false). It does not modify other skills or system-wide agent settings. It operates as a normal user-space tool that downloads content into local directories when asked.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install scholar-research - 安装完成后,直接呼叫该 Skill 的名称或使用
/scholar-research触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Scholar Research Skill 1.0.0 – Initial Release
- Enables searching, analyzing, and summarizing academic papers from a wide range of open access sources.
- Provides detailed credibility scoring, customizable by users, with metrics like citations, recency, and peer review status.
- Supports visualization features: timelines, credibility distributions, and extraction of figures from top papers.
- Allows users to add custom data sources and adjust scoring weights via configuration.
- Outputs include paper summaries, methodology highlights, credibility scores, and field evolution timelines.
元数据
常见问题
Scholar Research 是什么?
Search, analyze, and summarize peer-reviewed academic papers from open access sources. Provides credibility scoring, visualization, timeline generation, and... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 460 次。
如何安装 Scholar Research?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install scholar-research」即可一键安装,无需额外配置。
Scholar Research 是免费的吗?
是的,Scholar Research 完全免费(开源免费),可自由下载、安装和使用。
Scholar Research 支持哪些平台?
Scholar Research 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Scholar Research?
由 Jingxiang Cheng(@jcheng67)开发并维护,当前版本 v1.0.0。
推荐 Skills