Skill v1.0.4
ClawScan security
Sonos Announce · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 24, 2026, 1:43 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, requirements, and instructions are consistent with a Sonos announcement utility — it uses soco, ffprobe, and a small HTTP server to stream files and restore playback state.
- Guidance
- This skill appears to do what it says, but review and accept the practical effects before installing: it will start a local HTTP server that serves media files on your LAN (default directory ~/.local/share/openclaw/media/outbound), create a PID file next to the module, and run shell commands (lsof, pkill, nohup, netstat/taskkill) to manage the server. Ensure you trust the environment because SONOS_HTTP_PORT/SONOS_HTTP_HOST environment variables control binding and are interpolated into shell commands; avoid running it as root and avoid untrusted environment variable values. If you want extra safety, inspect the included sonos_core.py in full, run it in a restricted environment (VM/container), and confirm you are comfortable exposing the chosen media directory on your LAN.
Review Dimensions
- Purpose & Capability
- ok: Name/description match the implementation: the module discovers Sonos devices (soco), pauses/resumes playback, serves audio via an HTTP server and uses ffprobe to measure duration. Required binaries (python3, ffprobe) and the pip dependency (soco) are appropriate for this functionality.
- Instruction Scope
- note: The runtime instructions and code stay within the stated purpose, but the module performs system-level actions: starts/stops a local HTTP server, writes a PID file in the module directory, and runs shell commands (lsof, pkill, nohup, netstat/taskkill). It also exposes files via an HTTP server on the LAN (default ~/.local/share/openclaw/media/outbound). These behaviors are expected for streaming to Sonos but are worth noting because they affect local network exposure and process state.
- Install Mechanism
- ok: There is no remote install/download; the skill is instruction-only and includes its Python module. The only installation step is installing the 'soco' Python package and ensuring ffprobe is available. No external URLs or archive extracts are used.
- Credentials
- ok: The skill requests no sensitive credentials and only documents two optional environment variables (SONOS_HTTP_HOST, SONOS_HTTP_PORT) used to control the HTTP server host/port. That is proportionate to running a local HTTP server for media. (Note: the port/host values are used in shell commands; if an environment variable were maliciously set in a shared environment it could affect those commands.)
- Persistence & Privilege
- ok: The skill does not request always:true and does not modify other skills or system-wide agent config. Its only persistence is a PID file it writes in the module directory and background HTTP server processes it starts/stops, which is reasonable for the stated purpose.
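The Guidance and Credentials findings above both turn on the same point: SONOS_HTTP_HOST and SONOS_HTTP_PORT come from the environment and are interpolated into shell commands (lsof, pkill, netstat). The following is an added example, not code from the Sonos Announce skill, from sonos_core.py or from ClawHub; it shows the check a reviewer would want before those values reach a shell string or a socket bind: validate the port as a bare integer, validate the host as an IP literal or DNS name, and run the helper command as an argv list with no shell at all. The defaults, the function names and the unsafe command string are assumptions for illustration; the skill's real command strings are not reproduced on this page.

```python
"""Added example: validating SONOS_HTTP_HOST / SONOS_HTTP_PORT before use.

Not the Sonos Announce skill's own code. Defaults and function names are
assumptions for illustration.
"""
import ipaddress
import os
import re
import subprocess

DEFAULT_HOST = "0.0.0.0"   # assumption: the scan page does not state the skill's default
DEFAULT_PORT = "8000"      # assumption

# RFC 1123 style hostname: dot-separated labels of letters, digits and hyphens.
_HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*$"
)


def unsafe_lsof_command(port: str) -> str:
    """The pattern the scan warns about: an env value dropped into a shell string.

    Returned rather than executed so the injection is visible without side
    effects. With port = '8000; touch /tmp/pwned' a shell=True caller would
    run both commands. (Illustrative; not the skill's actual string.)
    """
    return f"lsof -i :{port}"


def validate_port(value: str) -> int:
    """Accept only a bare decimal in the unprivileged TCP range."""
    if not value.isdigit():
        raise ValueError(f"SONOS_HTTP_PORT must be a plain integer, got {value!r}")
    port = int(value)
    if not 1024 <= port <= 65535:
        raise ValueError(f"SONOS_HTTP_PORT out of range: {port}")
    return port


def validate_host(value: str) -> str:
    """Accept an IPv4/IPv6 literal or a hostname; shell metacharacters never match."""
    try:
        return str(ipaddress.ip_address(value))
    except ValueError:
        pass
    if _HOSTNAME_RE.match(value):
        return value
    raise ValueError(f"SONOS_HTTP_HOST is not a host or IP literal: {value!r}")


def load_config(env=None) -> tuple[str, int]:
    """Read the two documented variables and validate them before any use."""
    env = os.environ if env is None else env
    host = validate_host(env.get("SONOS_HTTP_HOST", DEFAULT_HOST))
    port = validate_port(env.get("SONOS_HTTP_PORT", DEFAULT_PORT))
    return host, port


def lsof_listen_argv(port: int) -> list[str]:
    """argv for 'which PIDs listen on this TCP port'; no shell, so no injection."""
    return ["lsof", "-nP", "-t", f"-iTCP:{port}", "-sTCP:LISTEN"]


def listening_pids(port: int) -> list[int]:
    """Run lsof as an argv list. Returns [] when lsof is absent or finds nothing."""
    try:
        result = subprocess.run(
            lsof_listen_argv(port), capture_output=True, text=True, check=False
        )
    except FileNotFoundError:
        return []
    return [int(p) for p in result.stdout.split() if p.isdigit()]


if __name__ == "__main__":
    # Constructed environment, standing in for what a shared shell might export.
    host, port = load_config({"SONOS_HTTP_HOST": "192.168.1.20", "SONOS_HTTP_PORT": "8000"})
    print(f"would bind {host}:{port}; current listeners: {listening_pids(port)}")
    print("unsafe string:", unsafe_lsof_command("8000; touch /tmp/pwned"))
```

The validated `host` is what should go into the HTTP server's bind call, and the validated integer `port` is the only form that should ever be formatted into a command; binding to a specific interface address rather than the default of all interfaces also narrows the LAN exposure the Instruction Scope note describes.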
