Readwise Official

Pass. Audited by ClawScan on May 10, 2026.

Overview

This is a coherent Readwise CLI skill, but it can access and change your Readwise library after you provide an access token.

This skill appears purpose-aligned for using Readwise from the command line. Before installing, make sure you trust the @readwise/cli package, understand that your Readwise token grants account access, and tell the agent to ask before deleting, bulk-editing, moving, or exporting large parts of your library.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing the CLI gives that package code execution on the user's machine during setup.

Why it was flagged

The skill directs users to install a global npm package when the readwise binary is absent. This is expected for a CLI integration but relies on the package source and version users install.

Skill content

npm install -g @readwise/cli

Recommendation

Install the CLI only from the trusted Readwise npm package/source, and consider checking the package documentation before installing globally.

What this means

Anyone or any tool with the token may be able to access or modify the user's Readwise account according to that token's privileges.

Why it was flagged

The skill requires a Readwise access token for account access. This is purpose-aligned, but the token can authorize access to the user's Readwise/Reader data.

Skill content

ask the user for their Readwise access token ... then run: readwise login-with-token <token>

Recommendation

Provide the token only if you trust the installed CLI and skill instructions; revoke or rotate the token if it is exposed.

What this means

An agent using these commands could reorganize, edit, or delete parts of the user's Readwise library if instructed or if it misunderstands the task.

Why it was flagged

The documented CLI commands include bulk edits, moving documents, tag changes, note changes, and deleting highlights. These are consistent with managing a reading library but can alter account data.

Skill content

readwise reader-move-documents ... readwise reader-bulk-edit-document-metadata ... readwise readwise-delete-highlight

Recommendation

Ask the agent to confirm before bulk moves, metadata edits, or deletions, and use limited queries or document IDs when possible.

What this means

Private document text may be exposed to the agent during a task, and saved articles could contain instructions that should be treated as content, not commands.

Why it was flagged

The skill can retrieve or export full Reader document content, which may include private reading material or untrusted web/article text that is brought into the agent's context.

Skill content

Get full document details including Markdown content ... Export all documents as Markdown ZIP

Recommendation

Limit retrieval/export to what is needed and treat document contents as data rather than instructions to follow.