Books
PassAudited by ClawScan on May 1, 2026.
Overview
This is a straightforward Open Library book-lookup skill, with one supply-chain note because the docs point to external CLI scripts that are not included in the provided package.
This appears safe for book searches against Open Library. If you choose to install the external GitHub CLI mentioned in the README, review or pin that code first because it was not included in the submitted artifact set.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you manually install from the GitHub repository, you are trusting code that was not included in these reviewed artifacts.
The provided package is instruction-only, but the README points users to clone and make executable external scripts. This is a provenance gap rather than evidence of malicious behavior.
git clone https://github.com/jeffaf/books-skill.git cd books-skill chmod +x books scripts/books
Before using the external CLI scripts, review the repository contents, prefer a pinned commit or release, and confirm the scripts only call the documented Open Library endpoints.