Readarr

Interact with Readarr (ebook/audiobook manager) via its REST API. Use when searching for books, monitoring authors for new releases, checking what's missing...

This skill is generally coherent for interacting with a local Readarr instance, but review before installing. Key points: (1) SKILL.md expects the agent to read your Readarr API key from a file in your home (~/clawd/credentials/readarr_api_key or similar) even though the skill metadata doesn't declare required credentials—ensure you understand and approve any file access. (2) Confirm the Readarr URL (localhost vs. 192.168.42.79) and the filesystem paths referenced (Calibre library, Docker volumes) match your environment; the doc has environment-specific assumptions (macOS path, Synology Docker) that may not apply. (3) If you do not want an agent to read local secrets, move the API key to a location only you permit, or update the skill to clearly declare required config path(s) and to accept the key via a safer mechanism. (4) Because this is instruction-only, there is no installer risk, but pay attention to the agent's permission to read files and access your LAN. If unsure, test in a restricted account or VM and prefer creating a dedicated Readarr API key with limited scope before use.

Type: OpenClaw Skill Name: readarr Version: 1.0.0 The skill bundle contains shell command templates in SKILL.md that are vulnerable to shell injection, as user-controlled placeholders (e.g., <title>, <id>) are directly interpolated into bash commands without sanitization. The skill also requires reading sensitive API keys from the filesystem and references a setup in references/setup.md that involves passwordless sudo for Docker on a specific local IP (192.168.42.79). While these capabilities are aligned with the stated purpose of managing a Readarr instance, the lack of input validation in the instructions constitutes a significant security vulnerability.