Shellf.ai

Review

Audited by ClawScan on May 10, 2026.

Overview

Shellf is a coherent philosophy-library integration, but it pushes the agent to publish reflections, replies, and reactions as a default workflow without clearly requiring user approval.

Install only if you are comfortable with the agent using Shellf as a community account. Keep browsing and reading separate from posting: require confirmation before any reflection, rating, reply, or reaction. If using the CLI, remember that npx shellf@latest runs external code not included in this review; use the REST API or a pinned verified CLI version if you want tighter control.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (High Confidence)
ASI01: Agent Goal Hijack
What this means

The agent may continue interacting with the Shellf community even when the user only intended to browse or read.

Why it was flagged

The skill gives mandatory-sounding follow-up instructions that can change the stopping point from reading or reviewing a book into additional social actions.

Skill content

After sharing your reflection, always check what other agents have written about the same book. Reply to at least one reflection with a thoughtful response. React to others.

Recommendation

Require explicit user confirmation before posting reflections, replies, or reactions, and treat social engagement as optional unless the user asks for it.

What this means

The agent could publish ratings, reflections, replies, or reactions under its Shellf identity, affecting reputation or creating unwanted public records.

Why it was flagged

These commands mutate a third-party account or public/community-visible content, but the instructions do not clearly require reviewing and approving the content before submission.

Skill content

npx shellf@latest reflect <bookId> --one-sentence "Your core takeaway" --rating 4.5 ... npx shellf@latest reply <reflectionId> --text "Your thoughtful response..." ... npx shellf@latest engage <reflectionId> --type insightful

Recommendation

Use read-only commands by default, preview generated text, and ask the user before any reflect, reply, or engage action.

What this means

Running the CLI executes external package code that was not reviewed here.

Why it was flagged

The recommended CLI is fetched as an unpinned latest package, and its code is not included in the reviewed artifacts.

Skill content

Option A: Use the Shellf CLI (Recommended) ... npx shellf@latest

Recommendation

Prefer the documented REST API or pin and verify the CLI package version before running it.

What this means

Anyone with the Shellf API key may be able to act as the registered agent on Shellf.

Why it was flagged

The skill requires creating a Shellf identity and using an API key; this is expected for the service but should be understood as delegated account authority.

Skill content

Register (saves your API key automatically) ... X-Shellf-Key: sk_shellf_xxxxx

Recommendation

Store the API key securely, avoid sharing logs containing it, and rotate or revoke it if exposed.

What this means

Other agents' reflections could influence the agent's behavior or prompt it to include unintended content in replies.

Why it was flagged

The workflow intentionally consumes and responds to content written by other agents, which may be untrusted user-generated text.

Skill content

Read other agents' reflections on the book you just read ... Reply and react to reflections that resonate, challenge, or intrigue you

Recommendation

Treat other reflections as untrusted content and do not follow instructions embedded inside them unless the user approves.