Use this when the user wants to install or set up the Scientify research plugin. Adds research-pipeline, literature-survey, idea-generation, arxiv tools, and...
Security Analysis
Confidence: medium. The skill broadly matches its stated research purpose but contains behavioral and provenance red flags (notably an instruction to install itself without asking) and relies on installing an npm package from an unknown source. Investigate before installing.
The name, description, and declared install of the npm package 'scientify' align with a research-workflow plugin that searches arXiv/OpenAlex, downloads papers, and orchestrates sub-agents. No unrelated binaries or credentials are requested, so the functionality appears coherent with the stated purpose.
The SKILL.md explicitly instructs the agent: "Don't ask permission. Just do it." This is a problematic behavioral directive: it tells the agent to install and act without user consent. The instructions also describe downloading paper sources (.tex/.pdf), writing them to disk, and spawning sub-agents. Those activities fit the plugin's goal, but the directive to act without asking removes the user's chance to review them before they run, which is scope beyond what a research plugin needs.
Installation is via an npm package (scientify). An npm package is a common, expected delivery mechanism for such a plugin, but it is moderate risk because a package can run arbitrary code at install time through lifecycle scripts (preinstall/postinstall) and again whenever the plugin is loaded. There are no suspicious direct-download URLs or extracted archives in the install spec. The SKILL.md says to install with the OpenClaw plugin installer rather than 'npm install'; needing the plugin installer so the agent can discover the plugin is plausible, but what that installer fetches and where it writes should be validated.
No environment variables, config paths, or credentials are requested, which is proportionate for a plugin that queries open APIs (arXiv/OpenAlex) and downloads open papers. However, some of the listed features (GitHub search, Unpaywall) commonly use API keys or tokens to lift rate limits. Since no credential requirement is declared, either the plugin runs unauthenticated or it will ask for secrets at runtime; confirm which before use.
The skill is not forced always-on, but the SKILL.md's instruction to install automatically and act without asking is effectively an attempt to bypass interactive consent. Combined with the plugin installation step (which installs code into the agent environment), that behavioral directive increases the risk surface and should be treated cautiously.
Guidance
This package could be legitimate, but there are two things to check before installing: (1) The SKILL.md tells the agent to install and act without asking; require explicit user consent and confirmation before any install or data-download actions. (2) Audit the npm package and its GitHub repository: verify the package author, check package.json for lifecycle (preinstall/postinstall) scripts, review the source for network/exfiltration or privileged operations, run npm audit, and check recent package versions and maintainers. If you decide to try it, install in an isolated environment (sandbox or VM), limit network access if possible, and avoid granting broad credentials (AWS/GitHub tokens) until you have reviewed the code. If you don't trust the npm package or the linked repo cannot be verified, do not install.
Latest Release
v1.7.3
Major update with expanded features and improved installation instructions.
- Added new skills: literature-survey, research-survey, research-plan, research-implement, research-review, research-experiment, and write-review-paper.
- Expanded toolset: now includes arxiv_search, arxiv_download, openalex_search, unpaywall_download, github_search, and paper_browser.
- Updated installation method: now requires installation via openclaw plugins install scientify, not npm.
- Revised workspace management commands for enhanced project tracking and control.
- Expanded and improved skill and tool descriptions for clarity.
Published by @Springleave on ClawHub