Security audit
Reading Buddy
Security checks across malware telemetry and agentic risk
Overview
Reading Buddy appears to be a purpose-aligned local Node/SQLite reading-room CLI, with the main cautions being npm dependency installation and locally stored/exportable chat data.
This looks safe to use as a local reading-room CLI. Before installing, be comfortable with running npm install/build, and remember that chat, user, and room data are saved in `~/.reading-buddy/reading-buddy.db` and can be exported by the CLI.
VirusTotal
65/65 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
