Readwise & Reader
Pass
Audited by ClawScan on May 10, 2026.
Overview
This skill is a straightforward Readwise/Reader API wrapper, but it uses your Readwise token to read private highlights/articles and can add saved URLs to your Reader account.
This looks safe for its stated purpose if you trust the skill with your Readwise account token. Before installing, remember that the agent can read your highlights, notes, saved article metadata/content, and can save URLs to Reader when invoked.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using this skill should expect the agent to access private highlights, notes, saved articles, and related metadata through the Readwise account token.
The skill requires a Readwise API token, which gives the agent delegated access to the user's Readwise/Reader account data.
Set the environment variable: export READWISE_TOKEN="your_token_here"
Use a token you are comfortable granting to the agent, keep it private, and revoke or rotate it from Readwise if you no longer use the skill.
If invoked, the agent can add URLs and tags to your Reader account, though the artifact does not show deletion, bulk modification, or unrelated account actions.
The Reader save command performs an authenticated POST that adds a supplied URL to the user's Reader account; this is disclosed and purpose-aligned but account-mutating.
const data = await request('/save/', { method: 'POST', body });
Review requests that save URLs to Reader and only allow the command when you want that item added to your account.
You have less provenance assurance about who authored or maintains the skill, even though the reviewed files do not show suspicious behavior.
The registry metadata does not identify a source repository or provenance chain, although the included code is available in the artifact set and appears coherent.
Source: unknown
Prefer installing from trusted sources and inspect the included scripts before use, especially before providing the READWISE_TOKEN.
