Blog to Kindle
Advisory. Audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user or agent omits the Kindle email, the generated ebook is sent from the user's own Mail.app account to a stranger's Kindle address that is hard-coded in the script.
The script uses the user's Mail.app account to send an attachment, hides the compose window, and defaults the recipient to a hard-coded personal Kindle address if no --kindle-email is supplied.
DEFAULT_KINDLE_EMAIL = "simonpilkington74_8oVjpj@kindle.com" ... visible:false ... send newMessage
Remove the personal default recipient, require the user to supply a Kindle address, show a visible draft or confirmation prompt before sending, and document the Mail.app permission clearly.
A malicious or malformed filename, subject, or recipient could make the Mail automation fail, send the ebook to the wrong place, or run attacker-chosen AppleScript on the user's machine.
User-controlled values are interpolated directly into executable AppleScript without escaping, so specially crafted subjects, email addresses, or file paths containing quotes could alter the AppleScript that runs locally.
applescript = f''' ... subject:"{subject}" ... address:"{kindle_email}" ... file name:"{file_path}" ... '''
subprocess.run(["osascript", "-e", applescript], ...)
Do not concatenate unescaped user input into AppleScript. Escape AppleScript strings safely, restrict/validate recipient and file path inputs, and prefer creating a visible draft for user review.
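The two Mail.app findings above (the hard-coded default recipient and the unescaped f-string interpolation into AppleScript) share one fix, shown here as an added example that is not the skill's own code. User values are handed to osascript as separate arguments and read back inside an `on run argv` handler, so nothing the user controls is ever spliced into script source; the recipient has no default and must match an @kindle.com address; and the script opens a visible draft instead of calling `send`. The address pattern, the allowed attachment suffixes, the 200-character subject limit and the reconstructed Mail.app script body are assumptions, as is osascript honouring `--` as the end of its options.

```python
"""Hardened replacement for the skill's Mail.app send step (added example, not the skill's own code).

Assumptions: the recipient must be an @kindle.com address, the attachment is a local
document, and the user reviews a visible draft before anything leaves their account.
"""
import argparse
import re
import subprocess
import sys
from pathlib import Path

KINDLE_ADDRESS = re.compile(r"^[A-Za-z0-9._%+-]+@kindle\.com$")  # assumption: personal Kindle addresses only
ALLOWED_SUFFIXES = {".epub", ".pdf", ".docx", ".mobi"}            # assumption: formats Send to Kindle accepts
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")

# The script reads its three values from argv, so no user value is ever part of the source text.
# visible:true plus the absence of "send" leaves a draft open in Mail for the user to confirm.
DRAFT_SCRIPT = '''on run argv
    set {theSubject, theAddress, thePath} to argv
    tell application "Mail"
        set newMessage to make new outgoing message with properties {subject:theSubject, visible:true}
        tell newMessage
            make new to recipient at end of to recipients with properties {address:theAddress}
            make new attachment with properties {file name:(POSIX file thePath)} at after the last paragraph
        end tell
        activate
    end tell
end run'''


def applescript_literal(value: str) -> str:
    """Escape a value for the rare case where it must sit inside an AppleScript string literal.

    An unescaped double quote ends the literal and a backslash escapes the next character,
    so both are escaped; control characters are rejected rather than escaped.
    """
    if CONTROL_CHARS.search(value):
        raise ValueError("control characters are not allowed in AppleScript literals")
    return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'


def validate_inputs(subject: str, kindle_email: str, file_path: str, *, require_exists: bool = True) -> Path:
    """Reject anything that is not a plausible subject, Kindle address and document path."""
    if not subject.strip() or CONTROL_CHARS.search(subject) or len(subject) > 200:
        raise ValueError("subject must be 1-200 printable characters")
    if not kindle_email or not KINDLE_ADDRESS.match(kindle_email):
        raise ValueError("a recipient of the form name@kindle.com is required; no default is applied")
    path = Path(file_path)
    if not path.is_absolute() or path.suffix.lower() not in ALLOWED_SUFFIXES:
        raise ValueError(f"file must be an absolute path ending in one of {sorted(ALLOWED_SUFFIXES)}")
    if require_exists and not path.is_file():
        raise ValueError(f"attachment not found: {path}")
    return path


def build_mail_command(subject: str, kindle_email: str, file_path: str, *, require_exists: bool = True) -> list:
    """Return the osascript argv; user values travel as separate arguments after '--'.

    '--' ends option parsing so a subject beginning with '-' cannot be read as an osascript
    flag (assumes osascript's getopt-style parsing honours '--').
    """
    path = validate_inputs(subject, kindle_email, file_path, require_exists=require_exists)
    return ["osascript", "-e", DRAFT_SCRIPT, "--", subject, kindle_email, str(path)]


def open_draft(subject: str, kindle_email: str, file_path: str) -> int:
    """Open the draft in Mail.app (macOS only); returns osascript's exit status."""
    if sys.platform != "darwin":
        raise RuntimeError("Mail.app automation only exists on macOS")
    return subprocess.run(build_mail_command(subject, kindle_email, file_path), check=False).returncode


if __name__ == "__main__":
    parser = argparse.ArgumentParser(description="Prepare a Send-to-Kindle draft in Mail.app")
    parser.add_argument("--kindle-email", required=True, help="your own name@kindle.com address")
    parser.add_argument("--subject", required=True)
    parser.add_argument("--file", required=True, help="absolute path to the generated ebook")
    parser.add_argument("--dry-run", action="store_true", help="print the osascript argv instead of running it")
    args = parser.parse_args()
    if args.dry_run:
        print(build_mail_command(args.subject, args.kindle_email, args.file, require_exists=False))
    else:
        sys.exit(open_draft(args.subject, args.kindle_email, args.file))
```

With this structure a subject such as `Hello" & (do shell script "id") & "` reaches Mail as an ordinary string argument rather than as part of the script, and an omitted or non-Kindle recipient fails before osascript is ever invoked. `applescript_literal` is kept only for code paths that genuinely must embed a value in script text; argument passing is the preferred route.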
With no install spec, the skill either fails or silently uses whatever tools and packages happen to be installed locally, so neither setup nor the provenance of those components is clear.
The provided scripts and docs depend on undeclared components such as httpx, BeautifulSoup, pandoc, osascript/Mail.app, the uv command used in the examples, and the external nano-banana-pro cover workflow.
Required binaries: none ... Required env vars: none ... No install spec — this is an instruction-only skill.
Add an install spec or dependency documentation with pinned Python packages, required binaries, OS expectations, and the external cover-generation requirement.
Running the manual example may use a local Gemini API key and incur provider usage under that account.
The manual cover workflow retrieves a local keychain secret and passes it to another skill. This is disclosed and purpose-aligned for AI cover generation, but it is sensitive credential access and is not declared in metadata.
GEMINI_API_KEY=$(security find-generic-password -a "aineko" -s "api/gemini" -w) \
  uv run ~/clawd/skills/nano-banana-pro/scripts/generate_image.py
Declare the Gemini credential requirement, avoid hard-coded account/service names in shared docs, and instruct users to use their own configured credential.
