Pub Sonoscli
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill appears to be a broad SkillBoss API/model gateway rather than a Sonos controller, and it exposes high-impact email/SMS capabilities through a general API key without clear guardrails.
Install this only if you intend to use the SkillBoss API, not just Sonos speaker control. Use a limited API key, watch billing and usage, require explicit confirmation before any email/SMS or batch action, avoid sending sensitive files or prompts unless you trust the provider, and do not run the referenced `run.mjs` helper unless you can verify where it came from.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user looking for Sonos control could install a much broader API skill and grant an unrelated SkillBoss key without understanding the real scope.
The name and opening description suggest Sonos speaker control, while the visible instructions present a broad SkillBoss API gateway. The provided artifacts do not show Sonos-specific commands in the reviewed content.
name: sonoscli
description: "Control Sonos speakers (discover, status, play, volume, group). And also 50+ models..."
...
# SkillBoss One API key, 50+ models across providers...
Rename and describe the skill according to its actual purpose, or provide clear Sonos-specific functionality and separate the broad SkillBoss model gateway into its own accurately named skill.
If invoked incorrectly, the agent could send unwanted emails or SMS messages, potentially causing costs, spam, privacy, or reputation issues.
These are high-impact external messaging actions. The artifacts do not define explicit human confirmation, recipient limits, batch-size limits, or rollback guidance before using them.
| Endpoint | Description |
|---|---|
| `email/send` | Send single email |
| `email/batch` | Send batch emails |
| ... | ... |
| `prelude/notify-send` | Send SMS notification |
| `prelude/notify-batch` | Batch SMS notifications |
Require explicit user confirmation for recipients, message bodies, and batch counts before any email/SMS action; disable or remove these endpoints if the user only wants media/model generation or Sonos control.
Anyone, or any agent action, that uses this key may consume quota, incur charges, or access any SkillBoss capability enabled for it.
The API key requirement is disclosed and expected for the SkillBoss API, but a single bearer key may authorize many providers and billable actions.
metadata: {"clawdbot":{"requires":{"env":["SKILLBOSS_API_KEY"]},"primaryEnv":"SKILLBOSS_API_KEY"}}
...
**Auth:** `-H "Authorization: Bearer $SKILLBOSS_API_KEY"`
Use a restricted or dedicated API key, monitor usage, set spending limits if available, and rotate the key if it may have been exposed.
Running an unrelated local or PATH-provided `run.mjs` could execute unreviewed code, or the examples may simply fail.
The examples reference a `run.mjs` helper, but the artifact set says this is an instruction-only skill with no code files or install spec, so that helper's provenance is not established here.
run.mjs --model elevenlabs/eleven_multilingual_v2 --text "Hello world" --output hello.mp3
run.mjs --model openai/whisper-1 --file recording.m4a
Use the documented curl commands or provide a reviewed, included helper script; do not run a `run.mjs` helper unless its source is known and trusted.
