auto-improvement: daily paper-review loop from Awesome-LLM4Cybersecurity

[killertcell428]

Summary

• Adds a half-automated daily loop that reads ~10 unseen papers/day from Awesome-LLM4Cybersecurity (639 entries today) and proposes Aigis detector candidates via Claude Haiku 4.5.
• Each candidate becomes a stub in auto-improvement/pending/; a summary issue + bot PR is opened for human review every morning.
• No detector code is auto-modified. Promotion to actual rules under aigis/ stays a human-driven PR — same convention as the existing 6-hour rotation loop.

Files

• .github/workflows/paper-review.yml — cron 00:15 UTC, Python 3.11 + uv + anthropic SDK, opens issue + bot PR.
• auto-improvement/scripts/paper_review.py — parses upstream list, dedupes against state.json, calls Haiku, writes pending/research/state.
• auto-improvement/paper_review_state.json — seen-URL ledger (empty at boot).
• auto-improvement/README.md — new "論文レビューループ" section.

How it picks 10 papers

Newest-first by upstream date string. At 10/day, the current 639-entry list takes ~64 days to clear, after which the loop catches each new commit to upstream as the maintainers add it.

Required setup (before the first cron fires)

• Add repo secret `ANTHROPIC_API_KEY` (Settings → Secrets → Actions).
• Without it, the scheduled run will fail loudly; `workflow_dispatch` with `dry_run=true` works regardless and exercises the parser.

Cost guard

10 papers × Haiku 4.5 (≈500 output tokens) ≈ a few cents/day → <$1/month at the chosen budget.

Test plan

• Local dry-run: `python auto-improvement/scripts/paper_review.py --dry-run --max-papers 5` → parses 639 entries, picks the 5 newest correctly.
• After merge: trigger `workflow_dispatch` with `dry_run=true` to confirm the workflow runs end-to-end on CI without burning credits.
• Add `ANTHROPIC_API_KEY` secret, then trigger one real run manually to validate the issue + bot PR are filed cleanly.
• Verify the first scheduled cron at the next 00:15 UTC produces a sane batch.

🤖 Generated with Claude Code