Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Devialet Speaker Control

v1.0.0

Control Devialet Phantom speakers via HTTP API. Use for: play/pause, volume control, mute/unmute, source selection, and speaker status. Requires DOS 2.14+ firmware. Works with Phantom I, Phantom II, Phantom Reactor, and Dialog.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description align with the included scripts: HTTP control of Devialet speakers and optional Spotify integration. However, the registry metadata declares no required env vars or config paths while the runtime instructions and scripts require DEVIALET_IP / DEVIALET_HOST and a Spotify credentials/token file — this mismatch is a design omission that reduces transparency.
Instruction Scope
SKILL.md and scripts stay within speaker-control/Spotify scope (curl to local Devialet endpoints, Spotify API calls, local D-Bus/xdotool/playerctl usage). The scripts read/write local config (~/.config/clawdbot/spotify.json and spotify_token.json), set DBUS env vars, and make outbound HTTPS requests (Spotify API, and a Google search as a fallback). Those actions are consistent with the feature set but the Google scraping (curl → grep) is an unexpected external web dependency and may leak search queries to Google.
Install Mechanism
No install spec; this is instruction/script-only — nothing is downloaded or executed during install. That lowers install-time risk. The scripts assume standard command-line tools (curl, jq, playerctl, xdotool, dbus-send) but do not install them for you.
Credentials
The skill requires environment/config data not declared in registry metadata: DEVIALET_IP or DEVIALET_HOST and Spotify credentials (client_id/client_secret) stored at $XDG_CONFIG_HOME/clawdbot/spotify.json and tokens at spotify_token.json. Those files contain secrets (client_secret, refresh/access tokens) and are written to disk by the OAuth flow; the skill does not declare these required secrets nor explain storage permissions. The number/location of required config files is disproportionate to the metadata presented and should be disclosed.
Persistence & Privilege
The skill sets always: false and makes no cross-skill or system-wide config modifications. It does persist Spotify tokens and credentials under ~/.config/clawdbot (created by the auth flow), which is reasonable for OAuth but is a persistent artifact that the user should review and protect. No evidence of attempts to modify unrelated skill configs or global system settings.
What to consider before installing
This skill appears to implement what it claims, but it has transparency issues you should consider before installing:

- It requires you to set DEVIALET_IP or DEVIALET_HOST (not declared in registry metadata). The scripts will fail without that.
- For Spotify integration you must create a credentials file (~/.config/clawdbot/spotify.json) with client_id and client_secret and run an OAuth flow that saves tokens to ~/.config/clawdbot/spotify_token.json. These files contain secrets; review and protect them (file perms, backup policies).
- The play script scrapes Google search results as a fallback to find Spotify track IDs; that sends your search queries to Google and is fragile. If you prefer, use the Spotify API script (spotify.sh), which uses official endpoints but requires proper OAuth setup.
- The scripts assume a desktop environment (DBUS session, DISPLAY, xdotool, playerctl). They will not work on headless servers without adjustments.
- No install-time downloads occur, but review the three scripts before running.

If you don't want local credential files or outbound requests to Google/Spotify, do not enable Spotify integration; direct Devialet control via curl (documented in SKILL.md) works without those tokens. If you decide to proceed: inspect the scripts, run them in a restricted environment or sandbox first, and protect the credential files created by the auth flow (restrict permissions, do not check them into source control).

Like a lobster shell, security has layers — review code before you run it.
