Find Book
Security checks across malware telemetry and agentic risk
Overview
Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.
This skill looks safe for local book search. Before installing, be aware that the data source and rating provenance are not fully clear, and do not blindly add generated snippets to persistent agent memory or identity files. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If copied into agent knowledge files, the generated book snippets could affect future agent behavior or priorities.
The skill creates suggested text for files that may influence the agent's persistent identity, memory, or future behavior. It only returns suggestions and does not write those files automatically.
Generate suggestions for SOUL.md, MEMORY.md, SKILL.md
Review any suggested SOUL, MEMORY, or SKILL additions before saving them to persistent agent files.
Users have less external provenance information for verifying who maintains the skill or where the dataset came from.
The package provenance is limited. This is only a note because the included code is simple, local-only, has no dependencies, and shows no hidden install or execution behavior.
Source: unknown Homepage: none
Install only if you are comfortable with the publisher and local dataset provenance.
A user may over-trust the ratings as Goodreads-derived when the included artifacts show Heardly-sourced local data.
The implementation and docs describe a Heardly local database rather than a Goodreads source, so the rating provenance is somewhat unclear.
Description: Instantly find nonfiction books with Goodreads ratings
Treat ratings and summaries as local Heardly dataset content unless the maintainer provides clearer sourcing.