researchclaw-cn
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the 'researchclaw' package from PyPI and clones the source code from the official GitHub repository 'aiming-lab/AutoResearchClaw'. It also supports the use of the Tsinghua University PyPI mirror, which is a well-known and trusted service.
- [COMMAND_EXECUTION]: The skill utilizes local shell scripts for system checks, configuration management, and execution monitoring. These scripts use standard system commands and do not exhibit suspicious behavior or unauthorized privilege escalation.
- [DATA_EXPOSURE]: While the skill requests API keys for LLM providers during configuration, it encourages the use of environment variables and local configuration files, which is a standard and safe practice for secret management in development environments.
- [PROMPT_INJECTION]: The skill includes instructions that define its operational boundaries and adherence to its 'honesty principle', ensuring it reports actual errors rather than fabricating status updates. No patterns of instruction override or safety bypass were detected.
Audit Metadata