ClawHub

Kie Audio Generator

Security checks across malware telemetry and agentic risk

Overview

The skill does generate Kie.ai/Suno audio as advertised, but it reads all OpenClaw global environment secrets instead of only the Kie credentials it needs.

Install only if you are comfortable with the skill reading ~/.openclaw/openclaw.json globalEnv. Prefer running it in an isolated OpenClaw profile containing only KIE_API_KEY and, if needed, KIE_WEBHOOK_HMAC_KEY. Treat prompts, lyrics, and extension audio URLs as data sent to Kie.ai/Suno, and confirm before running requests that may spend API credits or write media files locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill documentation indicates the capability to access environment variables and make network requests, yet no explicit permissions are declared. This creates a transparency and policy-enforcement gap: a caller may invoke the skill without realizing it can read secrets such as API keys and send data to external services. In a skill that calls a third-party API, undeclared env and network access are materially relevant rather than theoretical.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The module automatically loads arbitrary key/value pairs from ~/.openclaw/openclaw.json into process environment variables at import time, without explicit user action or allowlisting. This creates implicit trust in a local config file and can influence downstream network/auth behavior in surprising ways, especially if that file is modified by another local process or user.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The trigger list contains broad phrases such as 'generate music', 'background track', and 'song with vocals', which are common in normal conversation and can cause accidental invocation. Unintended activation matters here because the skill performs networked actions against a paid external API and can create/download files, potentially causing unwanted charges, data transfer, or side effects without clear user intent.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The markdown states that all generated tracks and cover images are automatically downloaded, but it does not prominently warn users that local files will be created. This can surprise users, consume disk space, and leave residual media files on disk; in some environments, automatic downloading from returned URLs also increases exposure to unsafe or untrusted remote content handling.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal