music-manager

Security checks across malware telemetry and agentic risk

Overview

This is a largely coherent music downloader, but it enables local browser cookie access by default and, when given unsafe category input, can write downloaded files outside the intended music folder.

Review before installing. Set BROWSER = None unless you explicitly need authenticated downloads; if you do, use a throwaway browser profile rather than your main one, and point the script at a dedicated music folder. Only pass simple, single-segment category names, never absolute paths or values containing ../, because the script otherwise joins the category onto the library path and can place files outside the intended library.
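As an added example (not code from the music-manager skill or its author), the Python below shows the two checks this guidance implies: a category validator that proves the resolved download directory still lies inside the library root, beside the naive join that lets an absolute path or a ../ segment escape it, and a yt-dlp argument builder that adds --cookies-from-browser only when a browser has been named explicitly. The names MUSIC_DIR, BROWSER, unsafe_target_dir, safe_target_dir, ytdlp_args and download, the /srv/music root and the subprocess invocation are assumptions for the example; the yt-dlp flags -x, --audio-format, -P, -o and --cookies-from-browser are real.

```python
"""Hardening checks for a yt-dlp based music downloader.

Added example, not the skill's own code. It assumes the script keeps a
BROWSER setting (None, or a yt-dlp browser name such as "chrome") and a
MUSIC_DIR library root, and that downloads are handed to yt-dlp as a
subprocess argument list. All function names here are hypothetical.
"""
import os
import subprocess
from pathlib import Path
from typing import List, Optional

MUSIC_DIR = Path("/srv/music")   # assumed dedicated library root
BROWSER: Optional[str] = None    # no cookie access unless explicitly set


def unsafe_target_dir(category: str, root: Path = MUSIC_DIR) -> Path:
    """The naive behaviour: os.path.join drops the root entirely when the
    category is absolute, and '..' segments walk back out of it."""
    return Path(os.path.join(str(root), category)).resolve()


def safe_target_dir(category: str, root: Path = MUSIC_DIR) -> Path:
    """Accept only a simple single-segment name, then confirm that the
    resolved directory is a strict child of the library root."""
    if not category or category != category.strip() or "\0" in category:
        raise ValueError(f"empty, padded or NUL-bearing category: {category!r}")
    if "/" in category or "\\" in category or os.sep in category:
        raise ValueError(f"category must be a single path segment: {category!r}")
    if category in (".", "..") or os.path.isabs(category):
        raise ValueError(f"category must not be a path: {category!r}")
    root_r = root.resolve()
    target = (root_r / category).resolve()
    # Resolving also follows an existing symlink named like the category,
    # so this catches a link planted inside the library that points outside.
    if root_r not in target.parents:
        raise ValueError(f"category escapes the library root: {category!r}")
    return target


def ytdlp_args(url: str, target: Path, browser: Optional[str] = BROWSER) -> List[str]:
    """Build the yt-dlp command. Browser cookie extraction is opt-in: it is
    only appended when the caller has named a browser."""
    args = [
        "yt-dlp",
        "-x", "--audio-format", "mp3",   # extract audio only
        "-P", str(target),               # download directory
        "-o", "%(title)s.%(ext)s",       # output filename template
    ]
    if browser is not None:
        # Reads the browser's cookie store; prefer a throwaway profile such
        # as "chrome:Profile 2" over the main one for authenticated downloads.
        args += ["--cookies-from-browser", browser]
    args.append(url)
    return args


def download(url: str, category: str, browser: Optional[str] = BROWSER) -> List[str]:
    """Validate the category, build the command and run yt-dlp."""
    cmd = ytdlp_args(url, safe_target_dir(category), browser)
    subprocess.run(cmd, check=True)
    return cmd


if __name__ == "__main__":
    for cat in ("jazz", "../../etc", "/tmp", ".."):
        try:
            print(f"{cat!r:14} -> {safe_target_dir(cat)}")
        except ValueError as exc:
            print(f"{cat!r:14} -> rejected ({exc}); naive join would give {unsafe_target_dir(cat)}")
    print(ytdlp_args("https://example.invalid/track", MUSIC_DIR / "jazz"))
    print(ytdlp_args("https://example.invalid/track", MUSIC_DIR / "jazz", "chrome"))
```

Running the block with no arguments prints the accepted and rejected categories side by side with where the naive join would have put them, and shows that the cookie flag appears only in the second command line.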

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Severity: Medium
Confidence: 94%
Finding
The script is configured to extract browser cookies via `--cookies-from-browser chrome`, which grants the downloader access to authenticated session material from the user's local browser profile. That capability exceeds the core need of a general music downloader and can expose private account data, bypass access controls, or allow downloading content using the user's authenticated identity.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The feature description states that downloads are automatically categorized into the local music library, but it does not prominently warn that the skill will create and persist files on the user's machine. In an agent setting, undisclosed local writes are risky because they can consume storage, disturb the user's existing library layout, and surprise users with persistent artifacts.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill instructs users to configure browser-based cookie extraction for authenticated downloads without warning that this may access sensitive browser session data. In an agent or automation context, browser cookie access can expose authenticated accounts and create account-takeover or privacy risks if mishandled, logged, or reused beyond the intended download session.

VirusTotal

65/65 vendors flagged this skill as clean.