nature-downloader
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseNature Literature Downloader
Nature 文献下载工具
This skill routes literature through lawful open-access, publisher-API, CNKI institutional, and browser-based institutional providers. is the orchestration entry point; school configuration, publisher credentials, metadata/OA resolution, provider downloads, content validation, and manifests are separate modules.
scripts/batch_download.mjsVerified routes are examples, not defaults. Every institution should start from the user's actual library resource URL, because resource portals, CAS callbacks, EZproxy, WebVPN, IP-authenticated database pages, and database detail pages reveal the live authorization path more reliably than a school name.
SI confirmation gate — do this first. Before downloading any PDF, CAJ, HTML, XML, archive, or attachment, ask whether the user wants Supporting Information. An explicit request for SI counts as yes; an explicit request for正文 only counts as no. Otherwise ask once for the whole batch. Run the downloader with exactly one ofor--si. Without either flag the script returns--no-siand does not create the output directory.si_confirmation_required
Main workflow. Normalize the DOI/title and identify language and publisher before routing. Chinese literature always uses CNKI. For English Elsevier, Springer Nature, and IEEE articles with usable provider credentials, try the publisher API first and do not require an OA determination after a successful API download. If that API attempt fails, automatically check legitimate OA sources. Other English publishers check OA first, then use the institutional Web Access route when OA is unavailable.
text
规范化 DOI/题名并识别语言、出版商
├─ 中文文献:直接走 CNKI
└─ 英文文献
├─ Elsevier / Springer Nature / IEEE,且已配置有效 Key
│ ├─ 优先通过出版商 API 下载
│ ├─ API 下载成功:结束,不强制判断 OA
│ └─ API 下载失败:检查文章级 OA,再走 PMC / Unpaywall / 合法仓储
└─ 其他出版商
├─ 检查文章级 OA
└─ OA 不可用:走 Web Access 机构授权Chinese literature is CNKI-only. A Chinese title,metadata language, explicit CNKI source URL, orzhmust use CNKI even if another OA copy appears to exist. Reuse the user's current Chrome library/CNKI login state and prefer configured--route cnki. Never export cookies or collect the institutional password.discovery.cnki_url
Publisher API fallback. A valid API key does not guarantee full-text entitlement. When an Elsevier, Springer Nature, or IEEE API attempt returns no entitlement or no usable full text, automatically try legitimate OA sources first. Returnand ask once whether to use Web Access only after both the publisher API and OA routes fail. Do not switch to institutional Web Access automatically.api_fallback_confirmation_required
Browser-state principle. Authorized downloads depend on the exact browser profile where the user is logged in. If a proxy, CDP session, or browser automation tool opens a fresh profile or a different browser with no login state, do not treat the failure as missing library permission. Switch to a control path that reuses the user's active browser session, or ask the user to authenticate in the controlled browser instance.
Format principle. PDF, HTML full text, and database-native formats such as CAJ are different deliverables. If the user asks for PDF only, require a real PDF link orresponse and report/no_authorized_pdf_foundwhen none exists. Do not save CAJ, HTML, or a login page as if it were a PDF.pdf_fetch_failed
本工具通过合法开放获取(OA)、出版商API、CNKI机构权限及基于浏览器的机构授权渠道获取文献。是编排入口;学校配置、出版商凭证、元数据/OA解析、渠道下载、内容验证及清单管理为独立模块。
scripts/batch_download.mjs已验证的渠道仅为示例,非默认配置。每个机构都应从用户实际使用的图书馆资源URL开始配置,因为资源门户、CAS回调、EZproxy、WebVPN、IP认证数据库页面及数据库详情页比学校名称更能可靠地反映实时授权路径。
补充材料(SI)确认环节——请优先执行此步骤。 在下载任何PDF、CAJ、HTML、XML、压缩包或附件前,需询问用户是否需要补充材料。明确要求SI则视为同意;明确要求仅下载正文则视为拒绝。其他情况需针对整批文献询问一次。运行下载器时必须指定或--si参数之一。若未指定任一参数,脚本将返回--no-si且不会创建输出目录。si_confirmation_required
主工作流 先规范化DOI/题名并识别语言与出版商,再选择渠道。中文文献始终使用CNKI渠道。对于拥有可用出版商凭证的英文Elsevier、Springer Nature和IEEE文献,优先尝试出版商API下载,且API下载成功后无需强制判断OA状态。若API尝试失败,自动检查合法OA来源。其他英文出版商则先检查OA状态,OA不可用时再使用机构Web访问渠道。
text
规范化 DOI/题名并识别语言、出版商
├─ 中文文献:直接走 CNKI
└─ 英文文献
├─ Elsevier / Springer Nature / IEEE,且已配置有效 Key
│ ├─ 优先通过出版商 API 下载
│ ├─ API 下载成功:结束,不强制判断 OA
│ └─ API 下载失败:检查文章级 OA,再走 PMC / Unpaywall / 合法仓储
└─ 其他出版商
├─ 检查文章级 OA
└─ OA 不可用:走 Web Access 机构授权中文文献仅使用CNKI渠道。若文献为中文题名、元数据语言为、明确提供CNKI来源URL或指定zh参数,即使存在其他OA副本也必须使用CNKI渠道。复用用户当前Chrome浏览器的图书馆/CNKI登录状态,优先使用已配置的--route cnki。禁止导出Cookie或收集机构密码。discovery.cnki_url
出版商API降级方案。有效的API密钥不保证全文获取权限。当Elsevier、Springer Nature或IEEE的API尝试返回无权限或无可用全文时,自动优先尝试合法OA来源。仅当出版商API和OA渠道均失败时,返回并询问用户是否使用Web访问渠道,禁止自动切换至机构Web访问。api_fallback_confirmation_required
浏览器状态原则。授权下载依赖用户已登录的特定浏览器配置文件。若代理、CDP会话或浏览器自动化工具打开全新配置文件或未登录的其他浏览器,不得将此视为缺少图书馆权限。切换至复用用户活跃浏览器会话的控制路径,或要求用户在受控浏览器实例中完成认证。
格式原则。PDF、HTML全文及CAJ等数据库原生格式为不同交付物。若用户仅要求PDF格式,需获取真实PDF链接或响应,若无则返回/no_authorized_pdf_found。不得将CAJ、HTML或登录页面保存为PDF格式。pdf_fetch_failed
Download Intake and First-Run Configuration
下载接收与首次运行配置
For every download request, first establish the paper list and ask:
text
是否同时下载这些文献的 Supporting Information(SI,补充材料)?Do metadata lookup before this question only when needed to identify the requested papers. Do not download files until the answer is known. Configure a library only when the selected route is CNKI or Web Access. Configure a publisher API only when the selected English article belongs to Elsevier, Springer Nature, or IEEE; an OA determination is not required before trying a configured provider API.
对于每个下载请求,先确定文献列表并询问:
text
是否同时下载这些文献的 Supporting Information(SI,补充材料)?仅在需要识别目标文献时才在此问题前进行元数据查询。在得到答复前不得下载文件。仅当选择CNKI或Web访问渠道时才配置图书馆信息。仅当所选英文文献属于Elsevier、Springer Nature或IEEE时才配置出版商API;尝试已配置的出版商API前无需判断OA状态。
Paid Library Resource Configuration
付费图书馆资源配置
Ask for the library resource URL the user actually uses:
text
请发你平时进入图书馆电子资源/数据库的平台链接。
可以是资源门户、数据库列表、Web of Science 入口、某个数据库详情页,
或跳转到统一身份认证的登录链接。Then infer the authorization route from the URL before saving config:
bash
python3 scripts/configure_school.py infer "https://example.edu/library/resources"
python3 scripts/configure_school.py url "https://example.edu/library/resources"
python3 scripts/configure_school.py show
python3 scripts/configure_school.py health --forceThe distributed skill contains no school presets. If the user cannot provide a resource URL, ask them to locate their institution's library/database entry instead of guessing a school-specific domain.
The default config path is:
text
~/.config/lit-dl/school.jsonFor tests or isolated profiles, set:
bash
LIT_DL_CONFIG_DIR=/path/to/configdirThe downloader reads this config automatically. If is present, uses it as the Web of Science entry; otherwise it falls back to .
discovery.web_of_science_urlscripts/batch_download.mjshttps://www.webofscience.com/wos/woscc/basic-searchFor Chinese literature, the downloader also reads when present. If absent, falls back to .
discovery.cnki_urlscripts/batch_download.mjs --title "<中文题名>"https://kns.cnki.net/kns8s/defaultresult/index请用户提供其实际使用的图书馆资源URL:
text
请发送你平时进入图书馆电子资源/数据库的平台链接。
可以是资源门户、数据库列表、Web of Science 入口、某个数据库详情页,
或跳转到统一身份认证的登录链接。在保存配置前,从URL推断授权路径:
bash
python3 scripts/configure_school.py infer "https://example.edu/library/resources"
python3 scripts/configure_school.py url "https://example.edu/library/resources"
python3 scripts/configure_school.py show
python3 scripts/configure_school.py health --force本工具未内置学校预设配置。若用户无法提供资源URL,请引导用户查找其机构的图书馆/数据库入口,而非猜测学校特定域名。
默认配置路径为:
text
~/.config/lit-dl/school.json对于测试或独立配置文件,设置:
bash
LIT_DL_CONFIG_DIR=/path/to/configdir下载器会自动读取此配置。若存在,将其用作Web of Science入口;否则回退至。
discovery.web_of_science_urlscripts/batch_download.mjshttps://www.webofscience.com/wos/woscc/basic-search对于中文文献,下载器也会读取已配置的。若未配置,将回退至。
discovery.cnki_urlscripts/batch_download.mjs --title "<中文题名>"https://kns.cnki.net/kns8s/defaultresult/indexAPI-First and Open-Access Fallback
API优先与开放获取降级方案
For an English article, identify its publisher before deciding when to resolve article-level OA:
-
Collect a DOI, PMID, exact title, article URL, or a definite paper list, then normalize its metadata and publisher.
-
If it belongs to Elsevier, Springer Nature, or IEEE and usable provider credentials are configured, try that publisher API first. On success, recordand
accessMode: publisher_api; do not run OA resolution only to label the article.oa_status: not_checked_api_first -
If the publisher API fails, automatically search legitimate OA sources such as PMC, Unpaywall, publisher OA pages, arXiv, and other lawful repositories or clearly open PDF URLs. Preserve the failed API attempt in the manifest.
-
For all other English publishers, search those legitimate OA sources before Web Access.
-
For an exact title or an explicit OA-only request, prefer:bash
node scripts/batch_download.mjs --title "<exact title>" --open-access --no-si --out "<project>"Usewhen the user supplies a known legitimate OA PDF URL.--pdf-url -
Verify the downloaded file and record the source. Mark a successful PDF as.
open_access_downloaded -
If no lawful OA full text is found, mark. For a supported publisher whose API already failed, request confirmation before Web Access. For another publisher, continue to Web Access. If
oa_not_foundwas explicitly requested, stop after the OA result.--route open_access
对于英文文献,在决定是否解析文章级OA前先识别其出版商:
-
收集DOI、PMID、精确题名、文章URL或明确的文献列表,然后规范化其元数据与出版商信息。
-
若文献属于Elsevier、Springer Nature或IEEE且已配置可用的出版商凭证,优先尝试该出版商API。成功后记录和
accessMode: publisher_api;无需为标记文献而执行OA解析。oa_status: not_checked_api_first -
若出版商API失败,自动搜索合法OA来源,如PMC、Unpaywall、出版商OA页面、arXiv及其他合法仓储或明确开放的PDF URL。在清单中保留API尝试失败记录。
-
对于其他所有英文出版商,先搜索合法OA来源,再使用Web访问渠道。
-
对于精确题名或明确要求仅OA的请求,优先使用:bash
node scripts/batch_download.mjs --title "<exact title>" --open-access --no-si --out "<project>"当用户提供已知合法OA PDF URL时,使用参数。--pdf-url -
验证下载文件并记录来源。将成功下载的PDF标记为。
open_access_downloaded -
若未找到合法OA全文,标记。对于已尝试API失败的支持出版商,在使用Web访问前需请求用户确认。对于其他出版商,直接继续使用Web访问渠道。若明确指定
oa_not_found参数,OA结果出来后即停止操作。--route open_access
Publisher API Credentials
出版商API凭证
Configure credentials lazily, only when the route first needs them:
bash
python3 scripts/configure_credentials.py set elsevier
python3 scripts/configure_credentials.py set springer_nature
python3 scripts/configure_credentials.py set ieee --fulltext-endpoint 'https://issued-endpoint.example/articles/{doi}'
python3 scripts/configure_credentials.py set elsevier --stdin
python3 scripts/configure_credentials.py show
python3 scripts/configure_credentials.py validate <provider>
python3 scripts/configure_credentials.py delete <provider>
python3 scripts/configure_credentials.py contact-email researcher@example.orgGive the user the official registration link: Elsevier , Springer Nature , or IEEE .
https://dev.elsevier.com/https://dev.springernature.com/docs/quick-start/api-access/https://developer.ieee.org/member/registerDo not proactively ask the user to paste an API key into chat. If the user voluntarily sends a publisher API key, treat that as authorization to save that exact key: do not reject it, ask them to regenerate it, or repeat it back. Pass it to , keep it out of command-line arguments, logs, replies, and manifests, then report only the masked confirmation and validation status. The local hidden prompt remains the preferred path when the key has not already been provided. IEEE Metadata API access is not paid full-text access; require the issued Full-Text Access endpoint/template before treating IEEE as downloadable through the API. Secrets are stored in with mode .
configure_credentials.py set <provider> --stdin~/.config/lit-dl/credentials.json0600仅当渠道首次需要时才延迟配置凭证:
bash
python3 scripts/configure_credentials.py set elsevier
python3 scripts/configure_credentials.py set springer_nature
python3 scripts/configure_credentials.py set ieee --fulltext-endpoint 'https://issued-endpoint.example/articles/{doi}'
python3 scripts/configure_credentials.py set elsevier --stdin
python3 scripts/configure_credentials.py show
python3 scripts/configure_credentials.py validate <provider>
python3 scripts/configure_credentials.py delete <provider>
python3 scripts/configure_credentials.py contact-email researcher@example.org向用户提供官方注册链接:Elsevier 、Springer Nature 或IEEE 。
https://dev.elsevier.com/https://dev.springernature.com/docs/quick-start/api-access/https://developer.ieee.org/member/register不得主动要求用户在聊天中粘贴API密钥。若用户主动发送出版商API密钥,视为授权保存该密钥:不得拒绝、要求重新生成或重复密钥。将其传递给,避免在命令行参数、日志、回复或清单中出现,仅返回掩码确认和验证状态。当密钥未提供时,本地隐藏提示为首选输入方式。IEEE元数据API访问不包含付费全文访问;在通过API下载IEEE文献前,需获取已签发的全文访问端点/模板。密钥存储在,权限为。
configure_credentials.py set <provider> --stdin~/.config/lit-dl/credentials.json0600Resource URL Triage
资源URL分类
Classify the user-provided URL before choosing an access path:
text
cas.* / /authserver/login CAS / SSO login page; inspect service= callback, then return to the service portal
idp/shibboleth / carsi CARSI / Shibboleth institutional route
ezproxy / libproxy EZproxy remote-access proxy
webvpn / vpn WebVPN route
metaersp / metaauth / uas Library resource aggregation portal
webofscience / sciencedirect Database or publisher entry; check whether it was reached through a portalIf the URL is a login page with a parameter, treat the callback host as the resource service and do not make the login page the whole workflow. For example, means the identity service returns to the user's resource portal after authentication.
service=https://login.university.example/authserver/login?service=https://resources.university.example/callback在选择访问路径前,先对用户提供的URL进行分类:
text
cas.* / /authserver/login CAS / SSO登录页面;检查service=回调参数,然后返回服务门户
idp/shibboleth / carsi CARSI / Shibboleth机构渠道
ezproxy / libproxy EZproxy远程访问代理
webvpn / vpn WebVPN渠道
metaersp / metaauth / uas 图书馆资源聚合门户
webofscience / sciencedirect 数据库或出版商入口;检查是否通过门户访问若URL为带有参数的登录页面,将回调主机视为资源服务,不得将登录页面作为整个工作流的终点。例如,表示身份服务在认证后返回用户的资源门户。
service=https://login.university.example/authserver/login?service=https://resources.university.example/callbackInstitution-Specific Domains
机构特定域名
Confirm against what actually appears in the user's address bar; correct these for each institution instead of assuming a preset is complete.
text
Library home / aggregation: library.example.edu, resources.example.edu
Discovery/database entry: webofscience.com, clarivate.com, cnki.net, sciencedirect.com, provider.example.com
Unified identity / SSO: sso.example.edu, cas.example.edu, idp.example.edu
Federation / WAYF: ds.carsi.edu.cn, wayf.example.org, shibboleth/openathens hosts
Proxy / WebVPN: ezproxy.example.edu, webvpn.example.eduTreat configured institutional login, federation, proxy, and database-login hosts as sign-in stages. Do not treat reaching them as a final failure.
根据用户地址栏实际显示内容进行确认;针对每个机构修正这些域名,而非假设预设配置完整。
text
图书馆主页/聚合平台: library.example.edu, resources.example.edu
发现/数据库入口: webofscience.com, clarivate.com, cnki.net, sciencedirect.com, provider.example.com
统一身份认证/SSO: sso.example.edu, cas.example.edu, idp.example.edu
联邦认证/WAYF: ds.carsi.edu.cn, wayf.example.org, shibboleth/openathens主机
代理/WebVPN: ezproxy.example.edu, webvpn.example.edu将已配置的机构登录、联邦认证、代理及数据库登录主机视为登录阶段。不得将访问这些主机视为最终失败。
Boundaries
边界规则
Use only the user's legitimate institutional access. Do not bypass paywalls, DRM, or two-factor authentication.
Verification-first rule: When a visible slider, checkbox, robot check, or simple verification control appears in the user's authenticated Chrome session, attempt it in the browser before asking the user to intervene. Keep the attempt bounded (at most two attempts on one tab), verify that the challenge disappeared, and continue from that same tab when successful.
- Slider/drag challenges (including CNKI puzzle sliders): estimate the visible travel distance and simulate a gradual drag.
- ScienceDirect robot checks, managed Turnstile, and reCAPTCHA checkbox stages: try the visible checkbox once.
- Simple ,
Continue, or equivalent visible controls: click once, then re-check the page state.Verify
User handoff: Ask the user only after the bounded attempt fails, or immediately when the page requires secret or identity-bearing input such as an image-selection answer, QR approval, SMS/OTP, passkey, hardware key, or two-factor authentication. Keep the challenged tab open and never ask the user to paste credentials or codes into chat.
Avoid unbounded or indiscriminate downloading. Process only the definite paper list confirmed by the user, apply provider-friendly pacing, and leave a clear audit trail of what was downloaded, from where, and whether supporting information was found.
Do not ask the user to paste institutional passwords, database passwords, OTP codes, recovery codes, or session tokens into chat or terminal. If the user offers one of those identity-bearing secrets, decline and use the handoff-login workflow instead. Publisher API keys follow the separate save-on-receipt rule above.
Exception for saved institutional login pages: if the user explicitly says that the browser has already filled credentials and authorizes clicking the visible login/confirm button, the agent may click that button once on the expected institutional SSO / CAS / CARSI / Shibboleth page without reading, copying, or typing any credential. This exception does not apply to CAPTCHA, QR login, SMS/OTP, publisher bot checks, consent/security warnings, or any page outside the expected institutional login flow.
Do not inspect or export cookies, passwords, local storage, browser profiles, or session files. Use the browser's already-authenticated page context only.
仅使用用户合法的机构访问权限。不得绕过付费墙、DRM或双因素认证。
优先验证规则:当用户已认证的Chrome会话中出现可见滑块、复选框、机器人验证或简单验证控件时,先尝试在浏览器中自动完成验证,再请求用户干预。尝试次数需受限(同一标签页最多两次),验证挑战消失后,从同一标签页继续操作。
- 滑块/拖拽挑战(包括CNKI拼图滑块):估算可见移动距离并模拟渐进式拖拽。
- ScienceDirect机器人验证、Turnstile管理及reCAPTCHA复选框阶段:尝试点击可见复选框一次。
- 简单的、
Continue或等效可见控件:点击一次,然后重新检查页面状态。Verify
用户交接:仅当受限尝试失败时,或页面需要输入保密或身份相关信息(如图像选择答案、QR码确认、SMS/OTP、密钥、硬件密钥或双因素认证)时,才请求用户干预。保持挑战标签页打开,不得要求用户在聊天中粘贴凭证或验证码。
避免无限制或无差别下载。仅处理用户确认的明确文献列表,遵循渠道友好的请求频率,并保留清晰的审计轨迹,记录下载内容、来源及是否找到补充材料。
不得要求用户在聊天或终端中粘贴机构密码、数据库密码、OTP码、恢复码或会话令牌。若用户提供此类身份相关密钥,需拒绝并使用交接登录工作流。出版商API密钥遵循上述独立的接收即保存规则。
已保存机构登录页面例外:若用户明确表示浏览器已填充凭证并授权点击可见的登录/确认按钮,工具可在预期的机构SSO/CAS/CARSI/Shibboleth页面点击该按钮一次,但不得读取、复制或输入任何凭证。此例外不适用于CAPTCHA、QR登录、SMS/OTP、出版商机器人验证、同意/安全警告或预期机构登录流程之外的任何页面。
不得检查或导出Cookie、密码、本地存储、浏览器配置文件或会话文件。仅使用浏览器已认证的页面上下文。
Preconditions
前置条件
Before attempting downloads, confirm the conditions that apply to the selected access branch.
For the OA-only branch, confirm the target paper identifier/list, output folder, Node.js 22+, and Python 3 when PDF verification needs it. Do not require a library configuration or institutional browser login.
For the paid-library branch, confirm these conditions:
- The browser that holds the user's library/database login state is open on the user's machine.
- The school configuration exists and is valid.
- Run .
python3 scripts/configure_school.py show - If missing, run or guide the user through
python3 scripts/configure_school.py preset "<school name>".src/wizard.py
- Run
- The user has personally logged in to their institution/library route in that same browser, and can reach the library aggregation service, target database, or discovery entry.
- The browser-control path can reuse that same logged-in browser profile.
- For Chrome CDP, ask the user to open and enable remote debugging for the current browser instance.
chrome://inspect/#remote-debugging - If CDP attaches to a stale browser, a temporary profile, or a different browser, use a browser-control channel that can reuse the user's active session instead of launching a new profile.
- For Chrome CDP, ask the user to open
- The environment can run Node.js 22+.
- Try .
node --version - If is not on PATH in Codex Desktop, try
node.%LOCALAPPDATA%\OpenAI\Codex\bin\node.exe
- Try
- The environment can run Python 3 for configuration and PDF text verification.
- Try .
python3 --version - Install Python helpers with when needed.
pip install -r requirements.txt
- Try
- The web-access CDP proxy is available or can be started.
- Typical Claude Code path: .
%USERPROFILE%\.claude\skills\web-access-main\scripts\check-deps.mjs - Typical shared agent path: .
%USERPROFILE%\.agents\skills\web-access-main\scripts\check-deps.mjs - In Codex-only setups also check .
%USERPROFILE%\.codex\skills\web-access-main\scripts\check-deps.mjs
- Typical Claude Code path:
- The user has approved the target output folder.
If Claude Code says this skill is not installed, install or copy it to:
powershell
$env:USERPROFILE\.claude\skills\nature-downloaderCodex and other agent setups may instead use or ; treat the three locations as install targets, not as different skill versions.
.codex\skills.agents\skills尝试下载前,确认所选访问分支适用的条件。
对于仅OA分支,确认目标文献标识符/列表、输出文件夹、Node.js 22+及Python 3(如需PDF验证)。无需图书馆配置或机构浏览器登录。
对于付费图书馆分支,确认以下条件:
- 保存用户图书馆/数据库登录状态的浏览器在用户设备上处于打开状态。
- 学校配置存在且有效。
- 运行。
python3 scripts/configure_school.py show - 若缺失,运行或引导用户通过
python3 scripts/configure_school.py preset "<school name>"配置。src/wizard.py
- 运行
- 用户已在同一浏览器中亲自登录其机构/图书馆渠道,且可访问图书馆聚合服务、目标数据库或发现入口。
- 浏览器控制路径可复用同一已登录浏览器配置文件。
- 对于Chrome CDP,要求用户打开并为当前浏览器实例启用远程调试。
chrome://inspect/#remote-debugging - 若CDP连接到陈旧浏览器、临时配置文件或其他浏览器,使用可复用用户活跃会话的浏览器控制渠道,而非启动新配置文件。
- 对于Chrome CDP,要求用户打开
- 环境可运行Node.js 22+。
- 尝试运行。
node --version - 若Codex Desktop中不在PATH中,尝试使用
node。%LOCALAPPDATA%\OpenAI\Codex\bin\node.exe
- 尝试运行
- 环境可运行Python 3以进行配置和PDF文本验证。
- 尝试运行。
python3 --version - 必要时使用安装Python依赖。
pip install -r requirements.txt
- 尝试运行
- Web访问CDP代理可用或可启动。
- 典型Claude Code路径:。
%USERPROFILE%\.claude\skills\web-access-main\scripts\check-deps.mjs - 典型共享代理路径:。
%USERPROFILE%\.agents\skills\web-access-main\scripts\check-deps.mjs - 仅Codex环境中还需检查。
%USERPROFILE%\.codex\skills\web-access-main\scripts\check-deps.mjs
- 典型Claude Code路径:
- 用户已批准目标输出文件夹。
若Claude Code提示未安装本工具,安装或复制至:
powershell
$env:USERPROFILE\.claude\skills\nature-downloaderCodex及其他代理环境可能使用或;将这三个位置视为安装目标,而非不同版本的工具。
.codex\skills.agents\skillsBatch Scope
批量范围
Definite DOI/title/PMID lists are supported without a fixed per-batch paper-count recommendation.
Operational safeguards:
- pace requests appropriately for each provider and maintain the manifest throughout the batch
- attempt visible verification controls first; stop after at most two failed attempts, on institutional login expiry, or when an unusual/security-sensitive prompt appears
Do not turn a broad keyword search into unlimited automatic downloading. Do not download whole journal issues, volumes, or large result sets.
支持明确的DOI/题名/PMID列表,无固定每批文献数量建议。
操作保障:
- 针对每个渠道合理控制请求频率,并在批量处理全程维护清单
- 优先尝试可见验证控件;最多两次失败尝试后停止,或在机构登录过期、出现异常/安全敏感提示时停止
不得将宽泛的关键词搜索转化为无限制自动下载。不得下载整本期刊、卷或大量结果集。
Status Categories
状态分类
Classify every paper into one of these statuses, and keep the status in the manifest:
text
downloaded
downloaded_with_si
open_access_downloaded
full_text_html_available
available_not_downloaded
native_fulltext_downloaded
si_confirmation_required
credentials_missing
credentials_invalid
api_not_entitled
api_fulltext_unavailable
api_fallback_confirmation_required
oa_not_found
oa_resolution_inconclusive
metadata_ambiguous
carsi_waiting_user
carsi_resolved_retry_needed
publisher_verification_waiting_user
sciencedirect_robot_check
retry_after_user_verification
verification_auto_passed
verification_auto_failed
do_not_auto_retry
url_needs_repair
library_no_permission
no_full_text_link
publisher_blocked_waiting_user
no_authorized_pdf_found
failed_after_retryUse when an automatic CAPTCHA/slider/robot check was successfully solved by the skill, and the download then proceeded normally.
verification_auto_passedUse when auto-verification was attempted but could not pass the challenge. This is a user-handoff status, not a final failure.
verification_auto_failedUse only when the browser is visibly at an institutional SSO / CAS / CARSI-Shibboleth / OpenAthens / database authentication page. Do not treat this as a final failure.
carsi_waiting_userUse or when a publisher page shows a verification challenge but no automatic interaction was possible. When a bounded automatic attempt was made and failed, use instead. None of these is a final download failure.
publisher_verification_waiting_usersciencedirect_robot_checkverification_auto_failedUse when a legitimate open-access route such as PMC, the publisher's OA PDF, arXiv, or another lawful open PDF source provides the downloaded PDF without institutional authorization.
open_access_downloadedFor a successful API-first download, record ; this means OA resolution was intentionally skipped, not that the article is non-OA. Use only after a supported publisher API attempt and its automatic OA fallback both fail.
oa_status: not_checked_api_firstapi_fallback_confirmation_requiredUse when the library/full-text resolver grants access to a readable HTML full text but no valid PDF link or response is available. This is a successful full-text access result, not a PDF download. Save the HTML/text if the user asked for the article, and explicitly tell the user that the PDF was not available through the current authorized route.
full_text_html_available%PDFUse when the library portal, SFX/OpenURL resolver, database, or publisher page clearly says the user's institution has no full-text entitlement for the paper. Tell the user plainly that the current library resources do not have permission for this article. Do not retry direct publisher access as if it were a temporary network problem.
library_no_permission将每篇文献分类为以下状态之一,并在清单中保留状态信息:
text
downloaded
downloaded_with_si
open_access_downloaded
full_text_html_available
available_not_downloaded
native_fulltext_downloaded
si_confirmation_required
credentials_missing
credentials_invalid
api_not_entitled
api_fulltext_unavailable
api_fallback_confirmation_required
oa_not_found
oa_resolution_inconclusive
metadata_ambiguous
carsi_waiting_user
carsi_resolved_retry_needed
publisher_verification_waiting_user
sciencedirect_robot_check
retry_after_user_verification
verification_auto_passed
verification_auto_failed
do_not_auto_retry
url_needs_repair
library_no_permission
no_full_text_link
publisher_blocked_waiting_user
no_authorized_pdf_found
failed_after_retry当工具自动成功解决CAPTCHA/滑块/机器人验证且下载正常进行时,使用状态。
verification_auto_passed当尝试自动验证但未通过挑战时,使用状态。这是用户交接状态,而非最终失败。
verification_auto_failed仅当浏览器明显处于机构SSO/CAS/CARSI-Shibboleth/OpenAthens/数据库认证页面时,使用状态。不得将此视为最终失败。
carsi_waiting_user当出版商页面显示验证挑战但无法自动交互时,使用或状态。当受限自动尝试失败时,使用状态。这些均非最终下载失败状态。
publisher_verification_waiting_usersciencedirect_robot_checkverification_auto_failed当合法开放获取渠道(如PMC、出版商OA PDF、arXiv或其他合法开放PDF源)在无机构授权情况下提供下载的PDF时,使用状态。
open_access_downloaded对于成功的API优先下载,记录;这表示OA解析被有意跳过,而非文献非OA。仅当支持的出版商API尝试及其自动OA降级均失败时,使用状态。
oa_status: not_checked_api_firstapi_fallback_confirmation_required当图书馆/全文解析器授予可读HTML全文访问权限但无有效PDF链接或响应时,使用状态。这是成功的全文访问结果,而非PDF下载。若用户要求获取文章,保存HTML/文本,并明确告知用户当前授权路径无可用PDF。
%PDFfull_text_html_available当图书馆门户、SFX/OpenURL解析器、数据库或出版商页面明确表示用户机构无该文献全文权限时,使用状态。明确告知用户当前图书馆资源无该文献权限。不得将此视为临时网络问题而重试直接出版商访问。
library_no_permissionStart Browser Control
启动浏览器控制
Use the web-access CDP proxy when it can attach to the same logged-in browser instance the user is using. If the task depends on existing login state and CDP opens a blank/new profile, prefer a browser-control channel that reuses the user's active browser session.
On Windows PowerShell:
powershell
$node = "node"
if (-not (Get-Command node -ErrorAction SilentlyContinue)) {
$node = "$env:LOCALAPPDATA\OpenAI\Codex\bin\node.exe"
}
$checkDepsCandidates = @(
"$env:USERPROFILE\.claude\skills\web-access-main\scripts\check-deps.mjs",
"$env:USERPROFILE\.agents\skills\web-access-main\scripts\check-deps.mjs",
"$env:USERPROFILE\.codex\skills\web-access-main\scripts\check-deps.mjs"
)
$checkDeps = $checkDepsCandidates | Where-Object { Test-Path $_ } | Select-Object -First 1
if (-not $checkDeps) { throw "web-access-main/scripts/check-deps.mjs not found" }
& $node $checkDepsThen test:
powershell
Invoke-WebRequest -UseBasicParsing -Uri "http://127.0.0.1:3456/targets" -TimeoutSec 10If this hangs or fails:
- Ask the user to confirm the remote debugging checkbox.
- Check .
%TEMP%\cdp-proxy.log - If targets appear but the database/library page is unauthenticated, suspect a stale CDP endpoint, wrong browser, or fresh browser profile before suspecting missing library permission.
- Do not attempt to read Chrome session files.
当Web访问CDP代理可连接到用户正在使用的同一已登录浏览器实例时,使用该代理。若任务依赖现有登录状态但CDP打开空白/新配置文件,优先使用可复用用户活跃浏览器会话的浏览器控制渠道。
在Windows PowerShell中:
powershell
$node = "node"
if (-not (Get-Command node -ErrorAction SilentlyContinue)) {
$node = "$env:LOCALAPPDATA\OpenAI\Codex\bin\node.exe"
}
$checkDepsCandidates = @(
"$env:USERPROFILE\.claude\skills\web-access-main\scripts\check-deps.mjs",
"$env:USERPROFILE\.agents\skills\web-access-main\scripts\check-deps.mjs",
"$env:USERPROFILE\.codex\skills\web-access-main\scripts\check-deps.mjs"
)
$checkDeps = $checkDepsCandidates | Where-Object { Test-Path $_ } | Select-Object -First 1
if (-not $checkDeps) { throw "web-access-main/scripts/check-deps.mjs not found" }
& $node $checkDeps然后测试:
powershell
Invoke-WebRequest -UseBasicParsing -Uri "http://127.0.0.1:3456/targets" -TimeoutSec 10若此操作挂起或失败:
- 请求用户确认远程调试复选框已启用。
- 检查。
%TEMP%\cdp-proxy.log - 若显示目标但数据库/图书馆页面未认证,先怀疑CDP端点陈旧、浏览器错误或浏览器配置文件全新,而非缺少图书馆权限。
- 不得尝试读取Chrome会话文件。
Fast Batch Path (default for 2+ papers — fast & token-efficient)
快速批量路径(默认适用于2篇及以上文献——快速且高效)
For anything beyond a single paper, run instead of driving the browser step-by-step. OA and publisher APIs run without CDP; CNKI, Web Access, and requested SI lazily attach to the authenticated browser. Large DOMs and file bytes remain inside the scripts.
scripts/batch_download.mjsThe script reads automatically. When the config contains , that URL is used as the Web of Science entry; otherwise the script falls back to its compiled default Web of Science URL.
~/.config/lit-dl/school.jsondiscovery.web_of_science_urlbash
undefined对于单篇以上文献,运行而非逐步驱动浏览器。OA和出版商API无需CDP;CNKI、Web访问及请求的SI将延迟连接到已认证浏览器。大型DOM和文件字节保留在脚本内部。
scripts/batch_download.mjs脚本自动读取。若配置中包含,该URL将用作Web of Science入口;否则脚本回退至编译默认的Web of Science URL。
~/.config/lit-dl/school.jsondiscovery.web_of_science_urlbash
undefinedby topic (collects N records from Web of Science Core Collection):
按主题(从Web of Science核心合集收集N条记录):
node scripts/batch_download.mjs --topic "rice blast resistance gene" --count 10 --no-si --out "<project>"
node scripts/batch_download.mjs --topic "rice blast resistance gene" --count 10 --no-si --out "<project>"
by explicit DOIs:
按明确DOI:
node scripts/batch_download.mjs --dois "10.1007/s00122-021-03957-1,10.1111/pbi.14066" --no-si --out "<project>"
node scripts/batch_download.mjs --dois "10.1007/s00122-021-03957-1,10.1111/pbi.14066" --no-si --out "<project>"
by exact open-access title (arXiv fallback, useful for DOI-less papers):
按精确开放获取题名(arXiv降级,适用于无DOI文献):
node scripts/batch_download.mjs --title "Attention Is All You Need" --open-access --no-si --out "<project>"
node scripts/batch_download.mjs --title "Attention Is All You Need" --open-access --no-si --out "<project>"
by Chinese exact title (default CNKI route):
按中文精确题名(默认CNKI渠道):
node scripts/batch_download.mjs --title "乡村振兴背景下数字治理研究" --no-si --out "<project>"
node scripts/batch_download.mjs --title "乡村振兴背景下数字治理研究" --no-si --out "<project>"
by Chinese exact title, PDF only:
按中文精确题名,仅PDF格式:
node scripts/batch_download.mjs --title "乡村振兴背景下数字治理研究" --cnki-format pdf --no-si --out "<project>"
node scripts/batch_download.mjs --title "乡村振兴背景下数字治理研究" --cnki-format pdf --no-si --out "<project>"
by Chinese exact title with a library-provided CNKI entry:
按中文精确题名,使用图书馆提供的CNKI入口:
node scripts/batch_download.mjs --title "乡村振兴背景下数字治理研究" --cnki-url "https://kns.cnki.net/kns8s/defaultresult/index" --no-si --out "<project>"
node scripts/batch_download.mjs --title "乡村振兴背景下数字治理研究" --cnki-url "https://kns.cnki.net/kns8s/defaultresult/index" --no-si --out "<project>"
by known PDF URL:
按已知PDF URL:
node scripts/batch_download.mjs --pdf-url "https://arxiv.org/pdf/1706.03762" --title "Attention Is All You Need" --no-si --out "<project>"
node scripts/batch_download.mjs --pdf-url "https://arxiv.org/pdf/1706.03762" --title "Attention Is All You Need" --no-si --out "<project>"
replace --no-si with --si only after the user explicitly requests SI
仅当用户明确请求SI时,将--no-si替换为--si
Output includes `{ summary, manifest, results }`. The script writes `<project>/manifest.json` with route, OA evidence, access mode, format, MIME, bytes, SHA-256, SI choice, and typed failures; secret-looking fields are removed recursively. PDFs go under `PDFs/`, native HTML/XML under `FullText/`, CAJ under `CNKI/`, and supplements under `SupportingInformation/`.
**Token discipline (applies to all paths):** never `eval` a whole page DOM, search result, or PDF/SI bytes back into the agent context. Keep large data inside Node/`scripts/*.mjs` and surface only compact status. Reserve interactive `/eval` + `cdp_open_url.mjs` for the single-paper route below or for diagnosing one stuck paper after the batch run.
输出包含`{ summary, manifest, results }`。脚本将路由、OA证据、访问模式、格式、MIME、字节数、SHA-256、SI选择及类型化失败写入`<project>/manifest.json`;递归移除类似密钥的字段。PDF存储在`PDFs/`下,原生HTML/XML存储在`FullText/`下,CAJ存储在`CNKI/`下,补充材料存储在`SupportingInformation/`下。
**令牌规范(适用于所有路径)**: 不得将整个页面DOM、搜索结果或PDF/SI字节`eval`回代理上下文。将大型数据保留在Node/`scripts/*.mjs`中,仅显示简洁状态。仅在单篇文献路径或批量运行后诊断某篇卡住的文献时,使用交互式`/eval` + `cdp_open_url.mjs`。Recommended Web Access Workflow (other publishers and confirmed API-plus-OA fallback)
推荐Web访问工作流(其他出版商及已确认的API+OA降级)
Use this section only after legitimate OA sources are unavailable: directly for English publishers outside Elsevier/Springer Nature/IEEE, or after the user explicitly accepts Web Access fallback when both a supported publisher API and the OA fallback failed. Start from Web of Science or the configured library portal and reuse the user's authenticated browser session.
Before using the library route, check for legitimate open-access availability when the article metadata suggests OA or the user provides an OA/open journal paper. Use PMC, publisher OA links, arXiv, DOI landing pages with clear open PDF access, or a known lawful PDF URL. If an OA PDF is available, download and verify it directly, mark , and record the OA source in the manifest. Do not require institutional login for an article that is already openly available.
open_access_downloadedImportant distinction: is a Web of Science topic search, not an exact-title resolver. For a known exact title, especially conference/arXiv papers without DOI, prefer or when the legitimate PDF URL is known. In testing, matched an unrelated HBR article first, while correctly downloaded arXiv .
--topic--title "<exact title>" --open-access--pdf-url--topic "Attention Is All You Need"--title "Attention Is All You Need" --open-access1706.03762v7Web of Science hosts to recognize: , , , . Note: WoS renders records inside shadow DOM with a virtualized list — when scraping manually you must pierce shadow roots and scroll to load more rows (the batch script already does this).
webofscience.clarivate.cnwww.webofscience.com*.webofknowledge.com*.clarivate.com- Authenticate once: open Web of Science via the library aggregation / institutional entry. If Web of Science or another database shows authentication choices such as institutional login, Shibboleth/OpenAthens/CARSI, CAS/SSO, or IP login, use the route the user normally uses. If credentials, QR, CAPTCHA, SMS/OTP, or unclear consent appears, follow Institutional Authentication Handoff below.
- Confirm you are on the authenticated Web of Science search page (institutional name visible, search box present).
- Search the paper by DOI when available, otherwise by exact title:
- Set the search field to or
DOI, paste the value, run the search.Title - Read the results page with and pick the record that matches title + year + authors.
/eval
- Set the search field to
- Open the matching record and read it with .
/eval - Click the full-text route, in this order of preference:
- /
Free Full Textif presentOpen Access - library resolver links: ,
Find it at,SFX,OpenURL,Full Text Links,查看全文, database/provider names such as OvidFull Text available via - publisher full-text link: , the publisher name, or
View Full TextView PDF - The full-text link should inherit the institutional session, so the publisher often grants access without a second login. If a second institutional handoff appears, complete it once.
- On the publisher page, find the PDF link (,
PDF,View PDF,Download PDF,pdfft) and save it with/doi/pdf/.scripts/browser_pdf_downloader.mjs - If the full-text resolver opens readable HTML full text but no valid PDF is exposed, save the HTML/text, mark , and tell the user plainly: "已获取 HTML 全文,但当前授权路径没有可下载 PDF." Do not mislabel an HTML page as a PDF; if a PDF probe returns HTML, move it to diagnostics and explain that no valid PDF was downloaded.
full_text_html_available - If the resolver/provider explicitly says the institution has no entitlement, mark and tell the user: "当前图书馆资源没有该文献全文权限." Do not hide this behind
library_no_permission.failed_after_retry - Do not download Supporting Information by default. Only fetch SI if the user explicitly asked; otherwise just note whether SI exists (see Supporting Information below).
- Record the route taken (OA source or WoS → SFX/OpenURL/full-text provider → publisher/database) in the manifest.
If Web of Science returns no record, or the record has no accessible full-text link, mark the paper and tell the user. If the library route is found but denies entitlement, mark . Do not silently fall back to direct publisher navigation as if it were the same authorized route.
no_full_text_linklibrary_no_permission仅当合法OA来源不可用时才使用本节:直接用于Elsevier/Springer Nature/IEEE之外的英文出版商,或当支持的出版商API和OA降级均失败且用户明确接受Web访问降级时。从Web of Science或已配置的图书馆门户开始,复用用户已认证的浏览器会话。
使用图书馆渠道前,若文献元数据显示为OA或用户提供OA/开放期刊文献,先检查合法开放获取可用性。使用PMC、出版商OA链接、arXiv、带有明确开放PDF访问的DOI着陆页或已知合法PDF URL。若存在OA PDF,直接下载并验证,标记,并在清单中记录OA来源。对于已开放获取的文献,无需机构登录。
open_access_downloaded重要区别:是Web of Science主题搜索,而非精确题名解析器。对于已知精确题名,尤其是无DOI的会议/arXiv文献,优先使用或已知合法PDF URL时使用。测试中,首先匹配到一篇不相关的HBR文章,而正确下载了arXiv 。
--topic--title "<exact title>" --open-access--pdf-url--topic "Attention Is All You Need"--title "Attention Is All You Need" --open-access1706.03762v7需识别的Web of Science主机:、、、。注意:WoS在shadow DOM中使用虚拟化列表渲染记录——手动抓取时必须穿透shadow根并滚动加载更多行(批量脚本已实现此功能)。
webofscience.clarivate.cnwww.webofscience.com*.webofknowledge.com*.clarivate.com- 一次性认证:通过图书馆聚合/机构入口打开Web of Science。若Web of Science或其他数据库显示认证选项,如机构登录、Shibboleth/OpenAthens/CARSI、CAS/SSO或IP登录,使用用户通常使用的渠道。若出现凭证、QR码、CAPTCHA、SMS/OTP或不明确的同意提示,遵循以下机构认证交接流程。
- 确认已在已认证的Web of Science搜索页面(可见机构名称,存在搜索框)。
- 优先通过DOI搜索文献,若无则通过精确题名搜索:
- 将搜索字段设置为或
DOI,粘贴值并运行搜索。Title - 使用读取结果页面,选择匹配题名+年份+作者的记录。
/eval
- 将搜索字段设置为
- 打开匹配记录并使用读取。
/eval - 按以下优先级点击全文渠道:
- 若存在/
Free Full TextOpen Access - 图书馆解析器链接:、
Find it at、SFX、OpenURL、Full Text Links、查看全文、数据库/渠道名称如OvidFull Text available via - 出版商全文链接:、出版商名称或
View Full TextView PDF - 全文链接应继承机构会话,因此出版商通常无需二次登录即可授予访问权限。若出现二次机构交接,完成一次即可。
- 若存在
- 在出版商页面找到PDF链接(、
PDF、View PDF、Download PDF、pdfft)并使用/doi/pdf/保存。scripts/browser_pdf_downloader.mjs - 若全文解析器打开可读HTML全文但未暴露有效PDF,保存HTML/文本,标记,并明确告知用户:"已获取 HTML 全文,但当前授权路径没有可下载 PDF。"不得将HTML页面误标为PDF;若PDF探测返回HTML,将其移至诊断目录并说明未下载到有效PDF。
full_text_html_available - 若解析器/渠道明确表示机构无权限,标记并告知用户:"当前图书馆资源没有该文献全文权限。"不得用
library_no_permission掩盖此情况。failed_after_retry - 默认不下载补充材料。仅当用户明确要求时才获取SI;否则仅记录是否存在SI(见下文补充材料部分)。
- 在清单中记录所使用的渠道(OA来源或WoS → SFX/OpenURL/全文渠道 → 出版商/数据库)。
若Web of Science未返回记录,或记录无可用全文链接,标记文献为并告知用户。若找到图书馆渠道但被拒绝权限,标记。不得静默回退至直接出版商导航,将其视为同一授权渠道。
no_full_text_linklibrary_no_permissionPublisher Verification and ScienceDirect
出版商验证与ScienceDirect
ScienceDirect and some publisher platforms may show "Are you a robot?", CAPTCHA, Cloudflare, bot verification, or similar checks after repeated direct DOI navigation or automated tab opening. These pages are security and anti-automation challenges, not ordinary login confirmations.
Reduce the chance of triggering them by using a conservative access pattern:
- Prefer the library aggregation / CARSI entry before direct navigation.
doi.org -> publisher - Process ScienceDirect and other sensitive publishers one article at a time.
- Keep a visible audit trail in the manifest; do not open many publisher tabs in parallel.
- Wait for each page to settle before looking for ,
Download PDF, orView PDF.PDF - Reuse the same tab after the user completes a verification step instead of opening repeated new tabs.
- Avoid retry loops. Use one attempt by default and no more than two attempts on the same tab before handing the page to the user.
When a publisher verification page appears:
- First, attempt automatic verification via the built-in anti-bot module (). The module tries: simple click challenges, ScienceDirect robot check, Cloudflare Turnstile, slider CAPTCHA (including CNKI Geetest-style), and reCAPTCHA checkbox.
scripts/lib/anti-bot.mjs - If auto-verification succeeds, continue the download from the resolved page.
- If auto-verification fails:
a. Stop automated actions on that tab.
b. Record the paper with status . Use
verification_auto_failedonly when no automatic interaction was possible. c. Tell the user which paper and tab need manual attention. d. After the user says the verification is complete, continue from the same tab and try the visible article/PDF route once. e. If verification immediately reappears, marksciencedirect_robot_checkand move on.do_not_auto_retry
Create or update when publisher checks interrupt a batch. Use this header:
publisher_verification.tsvtext
id project title doi year venue publisher status source_url current_url next_action notesSuggested values:
next_actiontext
user_complete_publisher_verification
retry_same_tab_after_user_confirms
try_aggregation_entry_route
try_authorized_oa_route
mark_do_not_auto_retryScienceDirect及部分出版商平台在重复直接DOI导航或自动打开标签页后,可能显示"Are you a robot?"、CAPTCHA、Cloudflare、机器人验证或类似检查。这些页面是安全和反自动化挑战,而非普通登录确认。
通过保守的访问模式降低触发这些挑战的概率:
- 优先使用图书馆聚合/CARSI入口,而非直接导航。
doi.org -> publisher - 逐个处理ScienceDirect及其他敏感出版商的文献。
- 在清单中保留可见审计轨迹;不得并行打开多个出版商标签页。
- 等待每个页面加载完成后,再查找、
Download PDF或View PDF。PDF - 用户完成验证步骤后复用同一标签页,而非重复打开新标签页。
- 避免重试循环。默认尝试一次,同一标签页最多尝试两次后将页面交接给用户。
当出现出版商验证页面时:
- 首先,尝试自动验证,通过内置反机器人模块()。该模块尝试:简单点击挑战、ScienceDirect机器人验证、Cloudflare Turnstile、滑块CAPTCHA(包括CNKI极验风格)及reCAPTCHA复选框。
scripts/lib/anti-bot.mjs - 若自动验证成功,从解析后的页面继续下载。
- 若自动验证失败:
a. 停止该标签页上的自动化操作。
b. 将文献记录为状态。仅当无法自动交互时使用
verification_auto_failed状态。 c. 告知用户哪篇文献和哪个标签页需要手动处理。 d. 用户确认验证完成后,从同一标签页继续操作,尝试可见的文章/PDF渠道一次。 e. 若验证立即再次出现,标记sciencedirect_robot_check并继续处理下一篇。do_not_auto_retry
当出版商检查中断批量处理时,创建或更新。使用以下表头:
publisher_verification.tsvtext
id project title doi year venue publisher status source_url current_url next_action notes建议的值:
next_actiontext
user_complete_publisher_verification
retry_same_tab_after_user_confirms
try_aggregation_entry_route
try_authorized_oa_route
mark_do_not_auto_retryInstitutional Authentication Handoff and Retry
机构认证交接与重试
Publishers and databases routed through CAS/SSO, CARSI/Shibboleth, OpenAthens, EZproxy, WebVPN, or IP authorization may redirect to an institutional login or database login page for the first authenticated access. This is expected and is not a reason to ask for the user's password.
When a page reaches an institutional login page, federation/WAYF selector, database login page, or IP-login prompt:
- Stop automated actions on that tab.
- Record the paper in with status
carsi_retry.tsv.carsi_waiting_user - Tell the user exactly which tab/page needs attention, for example: "This page is at your institution/database login. If the browser has already filled credentials, I can click the visible login/confirm button once with your authorization; otherwise please complete it in the browser." If a federation/WAYF page asks which institution to use, ask the user to pick their institution, or do it only when the choice is unambiguous and credential-free and the user authorized it.
- Do not read, store, or request the password, QR result, OTP, SMS code, CAPTCHA, cookie, or local/session storage.
- If the user explicitly authorizes clicking because credentials are already filled, click only the visible login/confirm/continue button once. Do not type into fields or inspect hidden credential values. For credential-free options such as "IP login", click only when the user authorizes that route or has just completed it manually.
- If QR login, SMS/OTP, CAPTCHA, Cloudflare, or publisher bot verification appears, stop and let the user complete it manually.
- After the login/confirm step completes, refresh or continue from the same tab.
- Re-detect whether the page is now a publisher article page, a PDF viewer, or another institutional handoff.
- If resolved, download and verify the PDF/SI, then update the manifest status to or
downloaded.downloaded_with_si - If it loops back to the same institutional/database login after a completed user login, record with the observed reason and move on.
failed_after_retry
通过CAS/SSO、CARSI/Shibboleth、OpenAthens、EZproxy、WebVPN或IP授权路由的出版商和数据库,首次认证访问时可能重定向至机构登录或数据库登录页面。这是预期情况,不得以此为由请求用户密码。
当页面跳转至机构登录页面、联邦/WAYF选择器、数据库登录页面或IP登录提示时:
- 停止该标签页上的自动化操作。
- 将文献记录在中,状态为
carsi_retry.tsv。carsi_waiting_user - 明确告知用户哪个标签页/页面需要处理,例如:"此页面处于你的机构/数据库登录界面。若浏览器已填充凭证,我可在你的授权下点击一次可见的登录/确认按钮;否则请在浏览器中完成登录。"若联邦/WAYF页面询问选择哪个机构,请求用户选择其机构,或仅当选择明确且无需凭证且用户授权时才代为选择。
- 不得读取、存储或请求密码、QR码结果、OTP、SMS验证码、CAPTCHA、Cookie或本地/会话存储。
- 若用户明确授权点击(因凭证已填充),仅点击一次可见的登录/确认/继续按钮。不得在字段中输入内容或检查隐藏的凭证值。对于无需凭证的选项,如"IP登录",仅当用户授权该渠道或刚手动完成时才点击。
- 若出现QR登录、SMS/OTP、CAPTCHA、Cloudflare或出版商机器人验证,停止操作并让用户手动完成。
- 登录/确认步骤完成后,刷新或从同一标签页继续操作。
- 重新检测页面是否为出版商文章页面、PDF查看器或其他机构交接页面。
- 若解析成功,下载并验证PDF/SI,然后将清单状态更新为或
downloaded。downloaded_with_si - 若用户完成登录后仍跳转回同一机构/数据库登录页面,记录及观察到的原因,然后继续处理下一篇。
failed_after_retry
Safe Institutional Auto-Confirm
安全机构自动确认
The agent may click a saved-login confirmation button only when all conditions are true:
text
1. The page is on an expected institutional, library, federation, or database domain for the user's configured route.
2. The user has explicitly authorized this action in the current conversation, for example: "可以点这个机构登录确认按钮".
3. The visible action is clearly a login/confirm/continue button, such as 登录, 登 录, 确认登录, 继续登录, Continue, Proceed, or Sign in.
4. There is no visible QR-only login, SMS/OTP field, push-approval prompt, password reset prompt, consent-to-share-new-data prompt, or account/security warning. (Slider CAPTCHAs and simple robot checks are now auto-attemptable — see Boundaries.)
5. The agent does not read, reveal, copy, store, type, or modify credentials.A federation/WAYF/机构选择 page carries no credentials and may be selected when the institution is unambiguous and the user has authorized it. If any condition is unclear, pause and ask the user to handle that tab. Do not repeatedly click login; one click is enough to test whether the saved-login state works.
Create or update whenever institutional authentication blocks a batch. Use this header:
carsi_retry.tsvtext
id project title doi year venue publisher failure_stage status source_url current_url next_action notesSuggested values:
next_actiontext
user_complete_institution_login_in_chrome
select_institution_in_federation_wayf
retry_same_tab_after_user_confirms
repair_url_by_doi
try_aggregation_entry_route
mark_no_authorized_pdfFor a CARSI retry batch, process one or a few tabs at a time. Do not open many login tabs in parallel; it can confuse the user's session and increase publisher or SSO risk.
仅当所有条件满足时,工具才可点击已保存登录的确认按钮:
text
1. 页面位于用户已配置渠道的预期机构、图书馆、联邦或数据库域名上。
2. 用户在当前对话中明确授权此操作,例如:"可以点这个机构登录确认按钮"。
3. 可见操作明确为登录/确认/继续按钮,如 登录、确认登录、继续登录、Continue、Proceed或Sign in。
4. 无可见仅QR登录、SMS/OTP字段、推送确认提示、密码重置提示、同意共享新数据提示或账户/安全警告。(滑块CAPTCHA和简单机器人验证现在可自动尝试——见边界规则。)
5. 工具不读取、泄露、复制、存储、输入或修改凭证。联邦/WAYF/机构选择页面无凭证,且当机构明确且用户授权时可代为选择。若任何条件不明确,暂停操作并请求用户处理该标签页。不得重复点击登录;一次点击足以测试已保存登录状态是否有效。
当机构认证中断批量处理时,创建或更新。使用以下表头:
carsi_retry.tsvtext
id project title doi year venue publisher failure_stage status source_url current_url next_action notes建议的值:
next_actiontext
user_complete_institution_login_in_chrome
select_institution_in_federation_wayf
retry_same_tab_after_user_confirms
repair_url_by_doi
try_aggregation_entry_route
mark_no_authorized_pdf对于CARSI重试批量处理,一次处理一个或几个标签页。不得并行打开多个登录标签页;这可能混淆用户会话并增加出版商或SSO风险。
Download PDF From Browser Context
从浏览器上下文下载PDF
Use the bundled script when a PDF URL opens in Chrome but direct shell download returns , , Cloudflare HTML, or a login page.
403401powershell
$node = "$env:LOCALAPPDATA\OpenAI\Codex\bin\node.exe"
& $node "$env:USERPROFILE\.agents\skills\nature-downloader\scripts\browser_pdf_downloader.mjs" `
--url "https://www.sciencedirect.com/science/article/pii/SXXXXXXXXXXXXXXXX/pdfft" `
--out "D:\path\paper.pdf"The script:
- Opens the URL in the user's controlled Chrome session unless is provided.
--target - Runs inside the page.
fetch(location.href, { credentials: "include" }) - Transfers bytes in chunks through the local CDP proxy.
- Writes the binary file to disk.
- Verifies the signature by default.
%PDF
Useful options:
text
--url <url> PDF URL to open and save
--target <targetId> Existing Chrome target/tab id to use
--out <path> Output PDF path
--proxy <url> CDP proxy URL, default http://127.0.0.1:3456
--close Close the tab after download if the script opened it
--allow-non-pdf Save even when content does not start with %PDF当PDF URL在Chrome中可打开但直接shell下载返回、、Cloudflare HTML或登录页面时,使用捆绑脚本。
403401powershell
$node = "$env:LOCALAPPDATA\OpenAI\Codex\bin\node.exe"
& $node "$env:USERPROFILE\.agents\skills\nature-downloader\scripts\browser_pdf_downloader.mjs" `
--url "https://www.sciencedirect.com/science/article/pii/SXXXXXXXXXXXXXXXX/pdfft" `
--out "D:\path\paper.pdf"该脚本:
- 除非提供参数,否则在用户受控的Chrome会话中打开URL。
--target - 在页面内运行。
fetch(location.href, { credentials: "include" }) - 通过本地CDP代理分块传输字节。
- 将二进制文件写入磁盘。
- 默认验证签名。
%PDF
有用选项:
text
--url <url> 要打开并保存的PDF URL
--target <targetId> 要使用的现有Chrome目标/标签页ID
--out <path> 输出PDF路径
--proxy <url> CDP代理URL,默认http://127.0.0.1:3456
--close 若脚本打开了标签页,下载后关闭该标签页
--allow-non-pdf 即使内容不以%PDF开头也保存Supporting Information
补充材料
Always confirm SI before file download. Fetch SI only when the user explicitly chooses it (e.g. "连补充材料一起下", "include SI", "download supplementary", "把补充材料也下了"). When the user chooses no, pass and do not perform extra attachment navigation.
--no-siWhen the user does ask for supporting information, use this method:
- Open the article landing page, not only the PDF page.
- Extract all links with text or href matching:
Supporting InformationSupplementarySupplemental/doi/suppl//suppl_file/_si_- ,
mmc1(Elsevier/ScienceDirect supplement pattern)mmc2
- Download every PDF/DOCX/XLSX/video/data file that is clearly a legitimate supplement, using the browser context if needed.
For the WoS batch route, an explicit SI request maps to . When an exact title is known, pass it as both and with . WoS + must:
--si--topic--title--count 1--si- keep each paper in its own readable-title folder;
- place only the verified main PDF and clearly labelled SI files in that folder;
- preserve original attachment names when available;
- follow a supplementary landing page at most one level deep;
- exclude external repository links such as GitHub, Zenodo, Figshare, Dryad, and OSF;
- keep the main PDF and report when no SI exists;
si.status = not_found - report when some SI files fail without treating the main PDF as failed.
partial
Do not apply the clean per-article folder behavior to CNKI, , bare , or direct routes.
--open-access--pdf-url--doisACS fallback pattern, only after verifying the DOI and article page:
text
https://pubs.acs.org/doi/suppl/<DOI>/suppl_file/<journal-code>_si_001.pdfDo not invent supplement URLs as facts. If a guessed URL returns 404, record "not found" and inspect the article page.
文件下载前必须确认SI。仅当用户明确选择时才获取SI(如"连补充材料一起下"、"include SI"、"download supplementary"、"把补充材料也下了")。当用户选择否时,传递参数且不执行额外附件导航。
--no-si当用户要求获取补充材料时,使用以下方法:
- 打开文章着陆页,而非仅PDF页面。
- 提取所有文本或href匹配以下内容的链接:
Supporting InformationSupplementarySupplemental/doi/suppl//suppl_file/_si_- 、
mmc1(Elsevier/ScienceDirect补充材料模式)mmc2
- 使用浏览器上下文(如需)下载所有明确为合法补充材料的PDF/DOCX/XLSX/视频/数据文件。
对于WoS批量渠道,明确的SI请求对应参数。当已知精确题名时,同时传递和参数并设置。WoS + 必须:
--si--topic--title--count 1--si- 将每篇文献保存在独立的可读题名文件夹中;
- 仅将已验证的主PDF和明确标记的SI文件放入该文件夹;
- 保留原始附件名称(若可用);
- 最多深入一级补充材料着陆页;
- 排除外部仓储链接,如GitHub、Zenodo、Figshare、Dryad和OSF;
- 保留主PDF并在无SI时报告;
si.status = not_found - 当部分SI文件下载失败但主PDF正常时,报告状态。
partial
不得将按文献整理文件夹的行为应用于CNKI、、纯或直接渠道。
--open-access--pdf-url--doisACS降级模式,仅在验证DOI和文章页面后使用:
text
https://pubs.acs.org/doi/suppl/<DOI>/suppl_file/<journal-code>_si_001.pdf不得虚构补充材料URL。若猜测的URL返回404,记录"未找到"并检查文章页面。
Verification and Reading
验证与读取
After downloading, verify every file.
For PDFs:
powershell
$env:PYTHONUTF8='1'
python -X utf8 "$env:USERPROFILE\.claude\skills\nature-downloader\scripts\extract_pdf_text.py" `
--pdf "D:\path\paper.pdf" `
--pages 3This should report page count and extracted text. The script also reconfigures stdout/stderr to UTF-8 internally to reduce Windows GBK failures. If extraction fails but the PDF is valid, try PyMuPDF, OCR, or the local skill.
pdfMinimum verification checklist:
- File exists and size is plausible.
- First bytes are for PDF files.
%PDF - Page count is nonzero.
- Extracted text includes the article title, abstract, or supporting information title.
- For HTML full text, saved HTML/text includes the article title or DOI, and the user-facing reply states that no valid PDF was available.
- Save a small manifest with DOI, title, source URL, download date, and supplement status when doing more than one paper.
下载后,验证每个文件。
对于PDF:
powershell
$env:PYTHONUTF8='1'
python -X utf8 "$env:USERPROFILE\.claude\skills\nature-downloader\scripts\extract_pdf_text.py" `
--pdf "D:\path\paper.pdf" `
--pages 3此命令应报告页数和提取的文本。脚本还会在内部重新配置stdout/stderr为UTF-8,以减少Windows GBK编码失败。若提取失败但PDF有效,尝试使用PyMuPDF、OCR或本地工具。
pdf最低验证清单:
- 文件存在且大小合理。
- PDF文件的前几个字节为。
%PDF - 页数非零。
- 提取的文本包含文章题名、摘要或补充材料题名。
- 对于HTML全文,保存的HTML/文本包含文章题名或DOI,且面向用户的回复说明无可用有效PDF。
- 处理多篇文献时,保存包含DOI、题名、来源URL、下载日期及补充材料状态的小型清单。
Zotero
Zotero
Zotero import is useful for metadata, DOI, citation keys, and library organization, but it does not replace local PDF verification. If Zotero imports a paper, still check whether the PDF attachment is present and readable. If the user wants a project folder with full text, save PDFs explicitly to that folder.
Zotero导入对元数据、DOI、引用键及图书馆组织有用,但不能替代本地PDF验证。若Zotero导入文献,仍需检查PDF附件是否存在且可读。若用户需要包含全文的项目文件夹,明确将PDF保存至该文件夹。
Naming Convention
命名规范
Use readable filenames:
text
FirstAuthor_Year_Journal_short-title.pdf
FirstAuthor_Year_Journal_short-title_SI.pdfFor project work, keep a folder like:
text
文献自动下载/
manifest.tsv
PDFs/
SupportingInformation/
extracted_text/使用可读文件名:
text
FirstAuthor_Year_Journal_short-title.pdf
FirstAuthor_Year_Journal_short-title_SI.pdf对于项目工作,保留如下文件夹结构:
text
文献自动下载/
manifest.tsv
PDFs/
SupportingInformation/
extracted_text/Failure Handling
故障处理
If direct publisher navigation triggers ScienceDirect "Are you a robot?", Cloudflare, CAPTCHA, or another bot challenge:
- First, attempt automatic verification via .
scripts/lib/anti-bot.mjs - If auto-verification succeeds, continue the download normally.
- If auto-verification fails, record or
verification_auto_failed.sciencedirect_robot_check - Ask the user to solve it in Chrome.
- Then continue once from the same now-open page.
- If the same challenge immediately reappears, mark and move on.
do_not_auto_retry
If shell or returns 403 but the PDF opens in Chrome:
Invoke-WebRequestcurl- Use ; this is the normal institutional-access case.
browser_pdf_downloader.mjs
If a page shows publisher bot verification, CAPTCHA, Cloudflare, QR login, SMS/OTP, or another security challenge:
- Do not ask for or accept institutional credentials in chat. Publisher API keys follow the separate save-on-receipt rule.
- Pause and ask the user to complete the verification in Chrome.
- Record in
publisher_verification_waiting_user, orpublisher_verification.tsvfor ScienceDirect.sciencedirect_robot_check - Continue only after the user says the browser step is complete.
If a page shows institutional SSO, CAS, CARSI/Shibboleth, OpenAthens, SAML, federation/WAYF/机构选择, database login, or IP-login options:
- Do not ask for or accept institutional credentials in chat. Publisher API keys follow the separate save-on-receipt rule.
- If the user has explicitly authorized it and the browser has already filled credentials, click the visible login/confirm button once.
- Otherwise pause and ask the user to complete the login in the browser.
- Record or
carsi_waiting_userincarsi_resolved_retry_neededas appropriate.carsi_retry.tsv
If the aggregation entry shows no full-text link:
- Try the publisher's own /
Institutional login/ CARSI/Shibboleth/OpenAthens route and select the user's institution when authorized.机构登录 - Try the DOI on the publisher page once an institutional session exists.
- Check open-access copies only from legitimate sources.
- Record rather than seeking unauthorized mirrors.
no_authorized_pdf_found
If a page opens as :
about:blank- Treat it as a URL-fragment/encoding problem first, especially when the original URL contains or
#.#! - Reopen through .
scripts/cdp_open_url.mjs --url "<full URL>" --wait - Do not paste fragment-heavy URLs unquoted into shell commands or manually concatenate them into without URL encoding.
/new?url=...
If is unavailable:
curl- Use PowerShell for simple proxy checks.
Invoke-WebRequest - Prefer the bundled Node.js helper scripts for CDP proxy actions because Node's preserves nested URL fragments correctly.
URLSearchParams
If the session expires:
- Ask the user to re-authenticate through their institution/library route in the same browser, then reopen the publisher/database entry.
若直接出版商导航触发ScienceDirect "Are you a robot?"、Cloudflare、CAPTCHA或其他机器人挑战:
- 首先,尝试通过自动验证。
scripts/lib/anti-bot.mjs - 若自动验证成功,正常继续下载。
- 若自动验证失败,记录或
verification_auto_failed状态。sciencedirect_robot_check - 请求用户在Chrome中解决该挑战。
- 然后从当前打开的同一页面继续操作一次。
- 若同一挑战立即再次出现,标记并继续处理下一篇。
do_not_auto_retry
若shell 或返回403但PDF在Chrome中可打开:
Invoke-WebRequestcurl- 使用;这是机构访问的正常情况。
browser_pdf_downloader.mjs
若页面显示出版商机器人验证、CAPTCHA、Cloudflare、QR登录、SMS/OTP或其他安全挑战:
- 不得在聊天中请求或接受机构凭证。出版商API密钥遵循独立的接收即保存规则。
- 暂停操作并请求用户在Chrome中完成验证。
- 在中记录
publisher_verification.tsv,或针对ScienceDirect记录publisher_verification_waiting_user。sciencedirect_robot_check - 仅当用户表示浏览器步骤完成后才继续操作。
若页面显示机构SSO、CAS、CARSI/Shibboleth、OpenAthens、SAML、联邦/WAYF/机构选择、数据库登录或IP登录选项:
- 不得在聊天中请求或接受机构凭证。出版商API密钥遵循独立的接收即保存规则。
- 若用户明确授权且浏览器已填充凭证,点击一次可见的登录/确认按钮。
- 否则暂停操作并请求用户在浏览器中完成登录。
- 根据情况在中记录
carsi_retry.tsv或carsi_waiting_user。carsi_resolved_retry_needed
若聚合入口无全文链接:
- 尝试出版商自身的/
Institutional login/ CARSI/Shibboleth/OpenAthens渠道,并在授权时选择用户的机构。机构登录 - 机构会话建立后,在出版商页面尝试一次DOI。
- 仅从合法来源检查开放获取副本。
- 记录,而非寻找未授权镜像。
no_authorized_pdf_found
若页面打开为:
about:blank- 首先视为URL片段/编码问题,尤其是当原始URL包含或
#时。#! - 通过重新打开。
scripts/cdp_open_url.mjs --url "<full URL>" --wait - 不得将含片段的URL不加引号粘贴到shell命令中,或手动拼接为而不进行URL编码。
/new?url=...
若不可用:
curl- 使用PowerShell 进行简单代理检查。
Invoke-WebRequest - 优先使用捆绑的Node.js辅助脚本进行CDP代理操作,因为Node的可正确保留嵌套URL片段。
URLSearchParams
若会话过期:
- 请求用户在同一浏览器中通过其机构/图书馆渠道重新认证,然后重新打开出版商/数据库入口。
To Confirm With The User (first run)
需与用户确认(首次运行)
These items depend on the user's live institution/library session and should be confirmed once per deployment or institution profile:
- The exact institutional login, federation, proxy, WebVPN, or database hosts that appear in the address bar.
- The base URL / link pattern of the library aggregation or database entries the user actually uses.
- Whether a federation/WAYF/机构选择, IP-login, or database-login step appears, and whether the user authorizes selecting the unambiguous institution/login option.
这些项目依赖用户的实时机构/图书馆会话,应在每次部署或机构配置文件时确认一次:
- 地址栏中显示的精确机构登录、联邦认证、代理、WebVPN或数据库主机。
- 用户实际使用的图书馆聚合或数据库入口的基础URL/链接模式。
- 是否出现联邦/WAYF/机构选择、IP登录或数据库登录步骤,以及用户是否授权选择明确的机构/登录选项。