ZLibrary2Kindle

Warn

Audited by ClawScan on May 10, 2026.

Overview

The skill’s workflow matches its description, but it asks for sensitive account credentials and runs an unreviewed external Python package from an unknown source.

Review the external zlibrary2kindle package before use, provide credentials only through a temporary or dedicated environment, use a dedicated email/app password if possible, and revoke stored sessions or app passwords when finished.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent is misled or over-invokes the skill, it could run broader Python/package commands than needed for searching, downloading, or sending a book.

Why it was flagged

The allowed tool patterns permit broad uvx, pip, and python Bash invocations, not only the specific zlibrary2kindle workflow.

Skill content

allowed-tools: Bash(uvx:*) Bash(pip:*) Bash(python:*)

Recommendation

Restrict allowed tools to the exact CLI commands needed, and require explicit user confirmation before installing packages, downloading files, or sending email.

What this means

The external package would receive credentials that could access the user’s Z-Library account and send email through the configured SMTP account.

Why it was flagged

The skill asks for account passwords/app passwords that can authenticate to Z-Library and SMTP/Gmail; this sensitive credential requirement is not declared in the registry metadata.

Skill content

export ZLIBRARY_PASSWORD="your-password" ... export SENDER_PASSWORD="xxxx xxxx xxxx xxxx"  # Gmail App Password

Recommendation

Use a dedicated sender account or narrowly scoped app password if possible, revoke it after use, avoid storing credentials globally, and inspect the package before providing secrets.

What this means

The reviewed artifact does not show what code will handle the credentials, downloads, session cookies, or email sending.

Why it was flagged

The skill instructs use of an external Python package, but the supplied artifacts contain no code or install spec and the registry lists the source as unknown.

Skill content

uvx zlibrary2kindle --help ... pip install zlibrary2kindle

Recommendation

Install only after verifying the package provenance, version, and source code; prefer pinned versions and a reviewed repository.