Reading Manager

Security checks across malware telemetry and agentic risk

Overview

This appears to be a benign local reading tracker that installs a Python CLI, stores reading data locally, and may contact Google Books for metadata lookup.

This skill looks coherent for personal reading management. Before installing, be aware that it installs a Python CLI, keeps your reading database under ~/.config/reading-manager, and may send book searches or ISBNs to Google Books when online lookup is used.

VirusTotal

64/64 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Installing the skill adds a command-line program and Python dependencies to the user's environment.

Why it was flagged

The skill asks the user to install a local editable Python package. This is expected for a CLI-based skill, but it is still a local code/dependency installation step.

Skill content

cd ~/.openclaw/workspace/skills/reading-manager
pip install -e .

Recommendation

Install only from a trusted copy, preferably in a virtual environment, and review setup.py/dependencies if concerned.

ASI02: Tool Misuse and Exploitation
Info
What this means

Search terms and ISBNs may be sent to Google when using online metadata features.

Why it was flagged

Online book search and ISBN lookup send the user's query or ISBN to Google Books. This is disclosed and purpose-aligned for metadata retrieval.

Skill content

url = "https://www.googleapis.com/books/v1/volumes"
params = {"q": query, "maxResults": 10}
response = requests.get(url, params=params, timeout=10)

Recommendation

Use manual entry or local search if you do not want a query sent to an external book metadata service.

ASI06: Memory and Context Poisoning
Low
What this means

Reading history, progress, and notes remain on disk until the user deletes or exports them.

Why it was flagged

The skill persistently stores reading records and note contents in a local SQLite database, which is expected for a personal reading manager but may contain personal information.

Skill content

Database location: `~/.config/reading-manager/reading.db` ... content: str # note content

Recommendation

Avoid storing sensitive notes unless comfortable with local persistence, and protect or back up the database as appropriate.