ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Book Id

v1.0.0

Catalog books from photos or text. Trigger on: book photo, catalog book, log book, add to library.

0· 29·0 current·0 all-time
by@gabebac
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (catalog books from photos or text) align with the SKILL.md: it describes reading covers, web-searching OpenLibrary/Wikipedia/Goodreads, checking for duplicates, creating a book markdown file, saving photos, and optionally pushing to a vault. However, the instructions assume a specific runtime environment (absolute paths under /home/node/.openclaw and workspace layout) that were not documented in the metadata; that environment-specific access is noteworthy but not necessarily malicious.
!
Instruction Scope
The SKILL.md directs the agent to: read inbound images, parse/interpret titles/authors, search the web, check local workspace/Files/Books/ for duplicates, write a file at workspace/Files/Books/Title - Author.md, copy the photo into workspace/Files/Photos/Books/, and run bash /home/node/.openclaw/workspace/fix-md.sh on the file. Running a local script and copying arbitrary files are powerful operations: fix-md.sh could contain arbitrary commands, and the skill will read/write user files. The file- and script-execution steps expand the skill's scope beyond passive data processing and should be considered risky unless you trust the workspace contents and the script.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes supply-chain risk (nothing is downloaded or installed by the skill itself).
Credentials
The skill requests no environment variables, credentials, or explicit config paths in the registry metadata, which is proportional. However, the SKILL.md presumes read/write access to specific filesystem paths (/home/node/.openclaw/media/inbound, workspace/Files/...), and a conditional 'vault-push' to 'HumanVault/Knowledge Atlas/Outside Knowledge/Books/'. Those implicit filesystem and vault accesses are functionally privileged (can read other user files and potentially push data out) and are not declared as required resources in the metadata.
Persistence & Privilege
always:false (good). The skill can be invoked autonomously per platform default (disable-model-invocation:false), which is normal. The main privilege concern is the skill's ability to modify workspace files and execute an existing script in the workspace — powerful actions, but they are limited to the current agent environment and require the presence of those files/scripts.
What to consider before installing
This skill appears to do what it says (catalog books) but it instructs the agent to read/write files and to run a local script (fix-md.sh) in your workspace. Before installing or using it: 1) Verify what /home/node/.openclaw/workspace/fix-md.sh does — ask the author for the script contents or inspect it yourself; running unknown scripts can execute arbitrary commands. 2) Confirm you are comfortable with the skill having read/write access to workspace/Files/Books and media/inbound (these folders may contain other sensitive files). 3) Clarify where 'vault-push' sends data and ensure the skill will not push anything without explicit confirmation (the SKILL.md says it will ask, but confirm behavior). 4) Test the skill in a sandboxed environment or with non-sensitive sample images first. If you cannot verify fix-md.sh or the vault target, treat the skill as risky and avoid granting it write/execute access to important data.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e371gxa777mx45f2tp0rwp185a1mm
29downloads
0stars
1versions
Updated 1d ago
v1.0.0
MIT-0
@gabebac
latest
Download

Book Cataloger

ICM Contract

Layer 3 inputsSOUL.md (32-property book schema)
Layer 4 inputsPhoto from media/inbound/ or user-provided text
ProcessIdentify book → web search OpenLibrary/Wikipedia → check for duplicates in Files/Books/ → write note → save photo → run fix-md.sh
Layer 4 outputsFiles/Books/Title - Author.md, photo saved to Files/Photos/Books/Title - Author.jpg → vault-push to HumanVault/Knowledge Atlas/Outside Knowledge/Books/

STEP 0 — READ THE COVER FIRST (mandatory before anything else)

A photo was provided. Before doing anything:

  1. Look at the book cover in the image
  2. Read the TITLE exactly as printed on the cover
  3. Read the AUTHOR exactly as printed on the cover
  4. State them explicitly: "I can see: Title = X, Author = Y"

If you cannot read the cover clearly → say "I cannot read the cover. Please send a clearer photo." DO NOT proceed. NEVER catalog a book you have not confirmed from the image. NEVER guess or substitute another book.

NON-NEGOTIABLE: WRITE ALL 32 PROPERTIES

Every single one of the 32 properties below MUST appear in the output, in exact order. Empty value = leave blank after the colon. DO NOT omit any property line. A note with missing properties is BROKEN. Obsidian will silently fail.

WRONG — omitting unknowns:

type: book
title: The Stranger
author:
  - "Camus, Albert"
tags:
  - book

WRONG — inline arrays:

author: ["Camus, Albert"]
tags: [book, fiction]

RIGHT — all 32 properties, 2-space indent lists, blanks included:

type: book
title: The Stranger
subtitle:
original_title: L'Étranger
author:
  - "Camus, Albert"
translator:
publisher: Vintage International
year: 1989
year_original: 1942
edition:
isbn_13: "9780679720201"
isbn_10:
pages: 123
language: English
original_language: French
format: Paperback
series:
genre:
  - fiction
category:
subjects:
  - absurdism
audience: Adult
condition:
status: owned
rating:
cover: https://covers.openlibrary.org/b/isbn/9780679720201-L.jpg
date_added: 2026-04-22
wikipedia: https://en.wikipedia.org/wiki/The_Stranger_(Camus_novel)
goodreads: https://www.goodreads.com/book/show/49552.The_Stranger
openlibrary: https://openlibrary.org/works/OL46933W
aliases:
cssclass: book
tags:
  - book
  - fiction
  - author/camus

WRITE THE BODY SECTION TOO. Do not skip it. The body section is mandatory.

WORKFLOW

  1. READ THE COVER — state title and author explicitly (Step 0 above)
  2. Web search: title + author on OpenLibrary, Wikipedia, Goodreads
  3. Check workspace/Files/Books/ for duplicates (title + author match)
  4. If duplicate: tell Pooh. If new: write file.
  5. Save to: workspace/Files/Books/Title - Author.md (filename format: Title first, then Author, ASCII only) Save photo: cp "/home/node/.openclaw/media/inbound/[FILE]" "/home/node/.openclaw/workspace/Files/Photos/Books/Title - Author.jpg"
  6. Run: bash /home/node/.openclaw/workspace/fix-md.sh "[FILEPATH]"
  7. Reply with the full file path and a one-line summary
  8. Ask: "Push to vault? (yes/no)" — do NOT push unless Pooh confirms

FRONTMATTER TEMPLATE - COPY EXACTLY

type: book title: "Book Title" subtitle: original_title: author:

  • "LastName, FirstName" translator: publisher: year: 1956 year_original: edition: isbn_13: isbn_10: pages: 147 language: Spanish original_language: format: Paperback series: genre:
  • "Fiction"
  • "Philosophy" category: subjects:
  • "French literature" audience: Adult condition: status: owned rating: cover: date_added: 2026-04-06 wikipedia: goodreads: openlibrary: aliases: cssclass: book tags:
  • book
  • fiction
  • author/camus

BODY TEMPLATE - COPY EXACTLY

Title

By [[LastName, FirstName]] Published YEAR by Publisher Format Paperback | Language Spanish

Synopsis

2-3 sentences about the book from web search.

About the Author

[[LastName, FirstName]] 1-2 sentence bio from web search.

Details

FieldValue
PublisherName
Pages000
LanguageLanguage
FormatFormat
ISBN0000000000000

Themes

Keywords: theme1, theme2, theme3.

Personal Notes

Photo: [[Photos/Books/Title - Author.jpg]]

Quotes

Related

  • [[Related Book]]

CRITICAL REMINDERS

  • author MUST be a list: 2-space indent, dash, space, quoted name
  • genre MUST be a list: 2-space indent, dash, space, quoted genre
  • tags MUST be a list: 2-space indent, dash, space, lowercase no quotes
  • status: always "owned"
  • cssclass: always "book"
  • rating: always empty
  • year and pages: numbers only, no quotes
  • No parentheses () or brackets [] in any values
  • Filenames: Title - Author.md format — Title first, then Author. ASCII only, no accents.
  • Leave blank for unknown. NEVER write "Unknown"
  • ALWAYS web search before writing

COVER IMAGE

  1. Search: https://openlibrary.org/search.json?title=[TITLE]&author=[AUTHOR]&limit=5
  2. Verify title AND author match in results
  3. Build URL: https://covers.openlibrary.org/b/isbn/[ISBN]-M.jpg or /b/id/[COVER_ID]-M.jpg
  4. Any size works (-S, -M, -L) — pick whichever is clear and available
  5. Exact edition match is ideal, but a generic relevant cover is acceptable
  6. ONLY use OpenLibrary URLs. NEVER Amazon, Google, or descriptions.
  7. If no covers exist at all on OpenLibrary, leave cover: blank

FORBIDDEN

  • No parentheses () or brackets [] in property values
  • No accented characters in filenames
  • No "Unknown" or "N/A" anywhere
  • No guessing. If unsure, ASK Pooh.
  • No skipping web search
  • No writing author/genre/tags as plain strings instead of lists

Comments

Loading comments...