Back to skill

Security audit

Reading Buddy

Security checks across malware telemetry and agentic risk

Overview

Reading Buddy appears to be a purpose-aligned local Node/SQLite reading-room CLI, with the main cautions being npm dependency installation and locally stored/exportable chat data.

This looks safe to use as a local reading-room CLI. Before installing, be comfortable with running npm install/build, and remember that chat, user, and room data are saved in `~/.reading-buddy/reading-buddy.db` and can be exported by the CLI.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.