Book Review Skill

Review

Audited by ClawScan on May 10, 2026.

Overview

The runnable code appears local-only, but the included README/package documentation still describes DeepSeek/API-key and personal note-library access, so users should review the mismatch before installing.

The supplied source and dist files look like a local template-only implementation, but the documentation is inconsistent. Do not provide a DeepSeek API key or note-library paths based on the README unless the publisher clarifies the intended behavior and updates the metadata to match.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user may trust that no data leaves the device while other included documentation says the skill uses an external AI provider.

Why it was flagged

This contradicts the safe-version positioning in SKILL.md and the source comments that claim no external API calls and local-template processing only, making the privacy claims unreliable.

Skill content

✅ **AI Generation**: Generate in-depth expanded reviews based on DeepSeek API

Recommendation

The publisher should remove or correct stale DeepSeek/API documentation, or accurately declare any external provider use before users install or configure the skill.

What this means

Users could unnecessarily create or expose a service credential for a version of the skill that does not appear to need it.

Why it was flagged

The README instructs users to provide an API key even though the registry requirements and safe-version SKILL.md declare no credentials, and the included code does not read this variable.

Skill content

export DEEPSEEK_API_KEY=sk-your-api-key

Recommendation

Do not provide API keys for this skill unless the publisher updates the metadata and code review clearly shows why they are required.

Concern, Medium Confidence

ASI06: Memory and Context Poisoning

What this means

Users may be led to point the skill at private notes or to cache reading data, even though the reviewed runtime does not need filesystem access.

Why it was flagged

The README describes broad personal note-library paths and a cache directory without clear exclusions, retention, or approval boundaries, while the safe-version code claims no filesystem access.

Skill content

export BOOK_REVIEW_NOTE_PATHS=~/Documents/Notes,~/Obsidian ... BOOK_REVIEW_CACHE_DIR=~/.cache/book-review

Recommendation

Avoid configuring note paths or cache locations for this skill until the publisher reconciles the documentation and clearly scopes any local indexing behavior.