readwise-mcp
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements tools to interact with the Readwise and Reader platforms. All identified operations are consistent with the stated purpose of the skill.
- [EXTERNAL_DOWNLOADS]: The skill connects to an MCP server at
https://mcp2.readwise.io/mcp. This is a verified vendor resource belonging to the author (readwiseio). - [PROMPT_INJECTION]: The skill ingests external content from saved articles and highlights. While this presents a surface for indirect prompt injection (where instructions within retrieved text might influence the agent), this is an inherent and expected risk for research and reading tools. No explicit injection patterns were found in the skill's own instructions.
Audit Metadata