Safety Report

BookStack API

Name: BookStack API
Author: f-liva

BookStack Wiki & Documentation API integration. Manage your knowledge base programmatically: create, read, update, and delete books, chapters, pages, and she...

40Downloads

0Installs

0Stars

3Versions

API Integration4,971 Customer Support1,744 PDF & Documents1,388 Documentation1,163

Security Analysis

medium confidence

Clean0.08 risk

The skill appears to do exactly what it claims (manage BookStack via its API) and asks only for BookStack API credentials; no surprising installs or unrelated credential requests were found, but there are small metadata/instruction inconsistencies you should confirm before installing.

Mar 6, 20265 files2 concerns

Purpose & Capabilityok

Name, description, README, references, and the included Python script all align: the skill performs CRUD and search against a BookStack instance and requires a BookStack URL and API token. The requested env vars in SKILL.md (BOOKSTACK_URL, BOOKSTACK_TOKEN_ID, BOOKSTACK_TOKEN_SECRET) are appropriate for this purpose.

Instruction Scopenote

SKILL.md instructs storing credentials in ~/.clawdbot/clawdbot.json and passing them as env vars when running the bundled script; the script itself reads only environment variables (no direct file-read of the config), which is consistent but you should confirm your Claudebot runtime will export those env values. SKILL.md also instructs the agent to use this skill broadly whenever the user mentions 'update the docs' or 'check the wiki' — this is a policy/behavior choice (wide invocation surface) rather than hidden malicious behavior.

Install Mechanismok

No install spec, no external downloads, and the script uses only Python standard library (urllib). No package registry or archive downloads detected.

Credentialsnote

The only secrets the code reads are BOOKSTACK_URL, BOOKSTACK_TOKEN_ID, and BOOKSTACK_TOKEN_SECRET — all proportional to a BookStack integration. However, registry-level metadata in the provided overview listed 'Required env vars: none' while SKILL.md declares the three BookStack env vars; this metadata mismatch should be resolved before trusting automated installs.

Persistence & Privilegeok

always is false and the skill does not request system-wide config changes or persistent elevated privileges. The recommended location for credentials (~/.clawdbot/clawdbot.json) is local to the agent config and the script doesn't attempt to modify other skills or system settings.

Guidance

This skill looks like a straightforward BookStack API client, but check two things before installing: (1) metadata mismatch — SKILL.md requires BOOKSTACK_URL, BOOKSTACK_TOKEN_ID, and BOOKSTACK_TOKEN_SECRET while the registry overview claimed no required env vars; confirm the installer will prompt for or populate those envs and where it reads them from. (2) Agent invocation scope — SKILL.md tells the agent to use the skill whenever docs/wiki are mentioned, which could cause the agent to call BookStack frequently or unexpectedly; review and control autonomous invocation or limit the skill to manual use if desired. Finally, create a BookStack API token with the minimum permissions required (preferably a non-admin token), test on a non-production instance, and verify the source repo or publisher (the _meta.json points to a GitHub repo) before granting credentials.

Latest Release

v1.0.2

Add homepage and source URL for provenance verification

Popular Skills

BlockBeats API

@f-s-c-1 · 0 stars

self-improving-agent

@pskoett · 1,456 stars

Gog

@steipete · 672 stars

Tavily Web Search

@arun-8687 · 620 stars

Find Skills

@JimLiuxinghai · 529 stars

Proactive Agent

@halthelobster · 426 stars

Published by @f-liva on ClawHub