← Back to Skills Marketplace
784
Downloads
2
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install sequential-read
Description
Read prose sequentially with structured reflections to simulate the reading experience
Usage Guidance
This skill appears to do what it claims: it reads a text file, chunks it, writes per-chunk reflections, and synthesizes a final report using only local Python scripts. Before installing or running it: (1) review or run the included scripts in a controlled environment (they write under your OpenClaw workspace, default ~/.openclaw/workspace); (2) avoid passing sensitive or private files (the session metadata stores source filenames/paths and the full text is persisted under memory/sequential_read/<session-id>/); (3) note that the pipeline spawns sub-agents and runs end-to-end without extra prompts — if you prefer manual confirmation between phases, do not use the hands-off mode or inspect/modify SKILL.md to add prompts; (4) if you want to sandbox file writes, set OPENCLAW_WORKSPACE to an isolated directory before invoking. Overall the skill is internally consistent, but treat persisted session data and autonomous execution as the main operational considerations.
Capability Analysis
Type: OpenClaw Skill
Name: sequential-read
Version: 1.0.0
The skill contains multiple local file inclusion (LFI) vulnerabilities due to insufficient sanitization of user-provided inputs. Specifically, `scripts/chunk_manager.py`'s `structural-chunk` command takes a user-controlled `source_file` (from `SKILL.md` and `preread/SKILL.md`) and directly `open()`s it, allowing path traversal to read arbitrary files. Similarly, `scripts/session_manager.py` and `scripts/state_manager.py` construct file paths using a user-controlled `session_id` (from `SKILL.md`), enabling path traversal for reading and writing files within the OpenClaw workspace or potentially beyond. The `LENS` parameter (user input) is also used to construct prompts for sub-agents, creating a prompt injection vulnerability. While these are critical vulnerabilities, there is no clear evidence of intentional malicious behavior such as data exfiltration to external endpoints or backdoor installation.
Capability Assessment
Purpose & Capability
Name/description (sequential reading with structured reflections) matches the files and runtime actions: Python scripts implement session, chunk, and state management; SKILL.md describes chunking, reading, and synthesis flows. Required binaries (python3) are appropriate and there are no unrelated credentials or tools requested.
Instruction Scope
Instructions legitimately operate on user-supplied text files and the OpenClaw workspace: preread reads the entire source, chunking splits it, the reading agent iterates over chunks writing reflections, and synthesis produces the final output. The skill explicitly instructs spawning sub-agents (sessions_spawn) and to run end-to-end without asking the user mid-run — this is coherent for an autonomous reading pipeline but important to note since the pipeline processes the full text and writes session artifacts without further user confirmation.
Install Mechanism
No install spec or external downloads; only local Python scripts are included. This is low risk from an install-perspective because nothing is fetched from third-party URLs or installed system-wide.
Credentials
The skill does not require secrets or external credentials. Scripts optionally respect OPENCLAW_WORKSPACE (falls back to ~/.openclaw/workspace) but SKILL.md did not declare this env var — it's optional but the skill will read/write files there and will store the user's source filename/path in session metadata. This is expected behavior but has a privacy implication: absolute source paths and text are persisted to disk.
Persistence & Privilege
The skill is not always-enabled and does not request special platform privileges. However, it is designed to run autonomously (it instructs spawning reader/finisher sub-agents and to proceed without asking the user). Autonomous operation is coherent for this use case but increases the blast radius if you supply sensitive files or if you are uncomfortable with unattended runs.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install sequential-read - After installation, invoke the skill by name or use
/sequential-read - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release. Three-phase pipeline (preread/reading/synthesis) for deep sequential engagement with prose. Tested on 41+ novels.
Metadata
Frequently Asked Questions
What is Sequential Read?
Read prose sequentially with structured reflections to simulate the reading experience. It is an AI Agent Skill for Claude Code / OpenClaw, with 784 downloads so far.
How do I install Sequential Read?
Run "/install sequential-read" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Sequential Read free?
Yes, Sequential Read is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Sequential Read support?
Sequential Read is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Sequential Read?
It is built and maintained by Horace (@horace-claw); the current version is v1.0.0.
More Skills