Skill v1.0.0
ClawScan security
Reading Buddy · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign
Mar 9, 2026, 11:32 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, instructions, and requirements are internally consistent with a local social-reading CLI/service: it installs npm dependencies, uses a local SQLite DB under the user's home, and exposes CLI commands; nothing indicates unexplained credential access or hidden exfiltration.
- Guidance
- This skill appears coherent and implements a local CLI-backed social reading tool. Before installing or running it:
  1) Review the source yourself if possible; npm install will fetch public packages and build a native module (better-sqlite3), which may compile native code on your machine.
  2) The CLI will create a SQLite DB at ~/.reading-buddy/reading-buddy.db; if you want to sandbox it, run it inside a container or VM.
  3) If you do not want network activity during npm install, inspect package.json/package-lock or vendor the dependencies.
  4) No credentials are requested, but treat any future configuration that asks for external API keys (e.g., OAuth, cloud storage) as needing separate review.
Review Dimensions
- Purpose & Capability
- ok: Name/description (social reading, rooms, chat) align with the provided code and docs. Declared dependencies (better-sqlite3, ws, commander) are appropriate for a Node CLI with a local DB and realtime messaging. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope
- ok: SKILL.md instructs building the package (npm install, npm run build), initializing the DB, and using the CLI commands. All referenced files and the DB path (~/.reading-buddy/reading-buddy.db) are consistent with the stated purpose. There are no instructions to read unrelated system files, harvest environment variables, or post data to unknown external endpoints.
- Install Mechanism
- note: This is an instruction-only skill (no platform install spec). SKILL.md tells the user/agent to run npm install and build in the skill workspace. That will fetch packages from the public npm registry (including better-sqlite3, a native module with install scripts). This is expected for the project, but it means npm will perform network fetches and native builds on install — not malicious, but more moving parts than installing a pure JavaScript package.
- Credentials
- ok: The skill declares no required environment variables or credentials. The code and docs refer only to a local SQLite DB file and local CLI operations. There is no evidence the skill needs or asks for cloud keys, secrets, or unrelated environment access.
- Persistence & Privilege
- ok: Flags show always:false and model invocation enabled (normal). The skill will create/modify files in its workspace and the user home DB path (~/.reading-buddy) when initialized — this is expected for a local CLI/database tool and does not modify other skills or system-wide agent settings.
