goodreads
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent Goodreads browser-automation skill, with disclosed account-session use and user-directed reading-list actions.
This skill appears safe for its stated purpose. Be aware that if you are logged into Goodreads, it can read personalized recommendations and make requested changes such as adding books to shelves or setting ratings through browser clicks.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you ask it to manage shelves or ratings, it may click Goodreads controls that change your reading lists or ratings.
The browser workflow can perform account-changing clicks on Goodreads, such as adding a book to a shelf. This is disclosed and aligned with the skill’s reading-list management purpose, but users should know it can mutate their account state.
browser → act → click on the "Want to Read" ref
Use clear instructions for any shelf or rating changes, and review the final confirmation after the skill acts.
When you are logged into Goodreads, the skill can view personalized pages and perform requested shelf or rating actions as your account.
The skill uses the user’s authenticated Goodreads browser session for personalized recommendations and reading-list actions. This is expected for the stated purpose and the artifacts do not show credential collection or token handling.
Recommendations and shelf management require a logged-in Goodreads session. Always verify auth state first.
Only use account-management features when you are comfortable letting the browser session act on your Goodreads account; log out if you only want public browsing.