weread

SUSPICIOUS: the skill’s purpose and commands are coherent for a WeRead assistant, but it centralizes trust in a non-official external CLI that appears to come from a personal repo and may receive API keys plus private reading data. No direct malicious behavior or clear exfiltration endpoint is shown in the skill text, but the install/provenance gap and credential forwarding make this a medium-risk skill.