Reader Deep Dive
Pass. Audited by ClawScan on May 1, 2026.
Overview
This skill is coherent for a Readwise-to-WhatsApp briefing, but it handles private reading data and sends it through Gemini and WhatsApp, so users should configure it carefully.
Before installing, make sure you are comfortable sharing Readwise Reader titles, summaries, dates, authors, and URLs with the configured Gemini CLI and WhatsApp delivery path. Set READWISE_TOKEN and TARGET_NUMBER securely, verify the local CLI tools are trusted, and only enable the cron schedule if you want ongoing daily messages.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone running the skill must trust it with access to Readwise Reader data returned by the API.
The script uses a Readwise API token to access the user's Reader data. This is aligned with the skill's stated purpose, but the token can expose private reading-library information.
curl -s -H "Authorization: Token $READWISE_TOKEN" "https://readwise.io/api/v3/list/?location=new&page_size=10"
Store READWISE_TOKEN securely, rotate it if exposed, and use the least-privileged Readwise token available.
Private titles, summaries, authors, dates, and URLs from the user's reading library may be processed by an external LLM and delivered to the configured phone number.
Readwise-derived context is sent to the Gemini CLI for generation, and the generated briefing is sent through clawdbot to a WhatsApp target. This is disclosed and purpose-aligned, but it moves private reading data through external provider/messaging boundaries.
BRIEF=$(gemini -o text 2>/dev/null <<EOF
...
CONTEXT: $CONTEXT_DATA
...
EOF
)
...
clawdbot message send --target "$TARGET_NUMBER" --message "$BRIEF"
Confirm the Gemini and clawdbot data-handling policies are acceptable, and set TARGET_NUMBER only to the intended recipient.
The skill's behavior depends on locally installed CLI tools and their configured accounts, not just the skill text itself.
The README documents required local tools, while the registry metadata lists no required binaries and no install spec. This is not malicious, but users need to know these local executables are part of the runtime trust boundary.
- `curl`, `jq`
- `clawdbot` (for LLM inference and WhatsApp delivery)
- `gemini` CLI (for stateless completion)
Verify the installed curl, jq, gemini, and clawdbot commands are trusted and configured for the accounts you intend to use.
If scheduled, the skill will keep fetching Readwise data and sending briefings on the configured schedule.
The skill provides a user-directed cron setup for recurring daily execution. This matches the daily briefing purpose, but it is persistent automation that will continue running until removed.
clawdbot cron add --id reader_brief --schedule "0 14 * * *" --command "bash scripts/brief.sh"
Only add the cron job if you want recurring delivery, and remove or disable it when you no longer want automated messages.
