ynu-papergraphgeneration-qclaw

多模态论文可视化引擎 — 从 PDF 或纯文本论文自动生成学术插图。 支持：全篇扫描识别可图化内容、双编码器架构图/算法流程图/动机图生成、 自校核机制、LaTeX/Word 图注输出、Matplotlib 结果图精确绘图。 也包含独立的 PDF → Text 提取工具。

This skill does what it says — it extracts text from PDFs, sends chunks to external LLM/image services, builds prompts, downloads images, and can generate Matplotlib code — but take the following precautions before installing or running it: - Privacy: The skill sends parts of your paper (up to ~12k chars per LLM call) to third‑party services (BANANA2/acedata or their fallbacks). Do not use it with unpublished, sensitive, or proprietary manuscripts unless you trust the target service and its data handling policies. - Code execution risk: The chart_generator module asks an LLM to return complete Python code and then writes and runs that code locally (subprocess.run). This can execute arbitrary commands if the returned code is malicious or manipulated. If you need the results, consider: - Running the skill in a strict sandbox / isolated VM or container. - Reviewing any generated Python code before execution (or disabling automatic execution and running it manually in a safe environment). - Secrets and keys: The skill needs an API key (BANANA2_API_KEY). Store keys only in secure locations (not shared configs) and prefer service accounts with minimal privileges. The skill suggests adding secrets to ~/.openclaw/openclaw.json; consider using per-skill, least-privilege keys and rotate them. - File writes: Outputs default to ~/.qclaw/workspace/outputs; if you prefer, set PAPER_DIAGRAM_OUTPUT_DIR to a dedicated directory with restricted permissions. - Hardening: If you plan to use this often, request or audit a code change that either (a) removes automatic execution of model-provided code, replacing it with a safe structured data path, or (b) adds strict sandboxing and content validation to the code-execution path. Given the combination of external data exfiltration and local execution of model-generated code, proceed only after you accept and mitigate these risks (sandboxing, key management, and manual code review).

Type: OpenClaw Skill Name: ynu-papergraphgeneration-qclaw Version: 1.1.0 The skill bundle contains a significant security risk in `scripts/chart_generator.py`, where the `execute_chart_code` function executes arbitrary Python code generated by an LLM via `subprocess.run`. While this is intended for generating Matplotlib charts, it presents a Remote Code Execution (RCE) vulnerability if the LLM output is compromised. The skill also manages sensitive API keys (e.g., `BANANA2_API_KEY`) and communicates with external endpoints like `api.acedata.cloud`. Although no evidence of intentional malice or data exfiltration was found, the execution of dynamically generated code from an untrusted AI source is a high-risk pattern.