v1.0.0

X to Kindle

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 4:55 AM.

Analysis

The skill matches its stated Kindle-sending purpose, but it asks you to persist a Gmail/SMTP app password and use it to send email, which deserves review before installation.

Guidance: Install only if you are comfortable giving the agent SMTP sending ability. Prefer a dedicated email account or app password, store the secret in a protected secret manager rather than TOOLS.md, revoke it if you stop using the skill, and confirm the recipient/content before each Kindle email is sent.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low, Confidence: High, Status: Note
SKILL.md
Send via SMTP to user's Kindle address with subject line as tweet preview.

Sending email is a real external side effect. It is purpose-aligned here, but it should stay limited to explicit user requests and the configured Kindle address.

User impact: An unintended invocation could send an unwanted email from the user's account.
Recommendation: Before sending, show the recipient and subject and proceed only when the user has clearly asked to send the post to Kindle.

Agentic Supply Chain Vulnerabilities
Severity: Low, Confidence: High, Status: Note
SKILL.md
Extract content via fxtwitter API: https://api.fxtwitter.com/status/<tweet_id>

The skill depends on a third-party API to retrieve tweet content. This is disclosed and purpose-aligned, but it means the tweet ID is sent to that service and the returned content is trusted for the email.

User impact: The third-party service can see which X/Twitter post is being processed, and incorrect or unavailable API output could affect what gets sent.
Recommendation: Use only for posts you are comfortable querying through fxtwitter, and verify the fetched content if accuracy or privacy matters.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium, Confidence: High, Status: Concern
SKILL.md
Gmail account with App Password (or other SMTP setup) ... App Password: xxxx xxxx xxxx xxxx

The skill asks for a Gmail/SMTP credential that can send email from the user's account; this is high-impact delegated account authority and is not reflected in the supplied credential metadata.

User impact: If the app password is mishandled, it could be used to send email as the user until revoked.
Recommendation: Use a dedicated email account or dedicated app password, revoke it when no longer needed, and ensure the skill metadata clearly declares the required SMTP credential.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium, Confidence: High, Status: Concern
SKILL.md
Store in TOOLS.md: ... ## Email (Gmail SMTP) ... - From: your@gmail.com ... - App Password: xxxx xxxx xxxx xxxx

The instructions place a sensitive email credential in a persistent Markdown configuration file without guidance on protection, redaction, or cleanup.

User impact: The credential may remain available to later uses of the skill or to anyone who can read that file.
Recommendation: Do not store the app password in plain Markdown; use a protected secret store or environment variable, and avoid exposing the secret in prompts, logs, or shared files.