AIML Music Generator
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill can use the user's AIMLAPI account or billing quota when generating music.
The script requires a local AIMLAPI API key and uses it to authorize requests to the music-generation API. This is expected for the stated purpose, but it is still delegated account access.
key = os.getenv("AIMLAPI_API_KEY") ... "Authorization": f"Bearer {api_key}"Use a dedicated or restricted AIMLAPI key if possible, monitor usage, and avoid sharing the key in prompts or logs.
Music descriptions and lyrics entered by the user leave the local environment and are processed by AIMLAPI and its model providers.
The script sends the user's prompt and optional lyrics to AIMLAPI, which is a disclosed and purpose-aligned external provider flow.
DEFAULT_BASE_URL = "https://api.aimlapi.com/v2" ... payload = {"model": args.model, "prompt": args.prompt} ... if args.lyrics: payload["lyrics"] = args.lyricsDo not submit sensitive, confidential, or unreleased lyrics unless you are comfortable with AIMLAPI's handling and retention terms.
Users have less external context for verifying the publisher, update history, or upstream project identity.
The registry metadata does not provide a source repository or homepage, limiting provenance verification. The included code is visible and aligned with the stated purpose, so this is a provenance note rather than a concern.
Source: unknown; Homepage: none
Review the included script before use and prefer installing updates only from trusted registry entries or maintainers.