Moviepilot

Status: Pending (static analysis audit pending).

Overview

No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (High Confidence)
ASI05: Unexpected Code Execution
What this means

A specially crafted movie title, search keyword, or filter could make the user's machine run unintended code with the agent's local permissions.

Why it was flagged

The user-controlled title is interpolated directly into Python code passed to python3 -c. A crafted value containing quotes and Python syntax could break out of the string and execute local Python commands. Similar patterns appear for type_name, download name, and search_resource keyword.

Skill content
api_get "/api/v1/media/search?title=$(python3 -c "import urllib.parse; print(urllib.parse.quote('$title'))")&page=${page}"
Recommendation

Replace these python3 -c interpolations with safe argument passing, such as python3 reading sys.argv[1], or use curl --get --data-urlencode. Do not run the skill with untrusted arbitrary search strings until patched.
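The safe argument-passing pattern the recommendation describes, written out as an added example (not the skill's own script; the function names are assumed and the sample title is constructed; it assumes only that python3 is on PATH):

```shell
#!/bin/sh
# Unsafe pattern quoted in the finding, kept here only as a comment:
#   python3 -c "import urllib.parse; print(urllib.parse.quote('$title'))"
# The shell expands $title inside the Python source, so a title containing
# a single quote ends the Python string literal and the rest is parsed as code.

# Safe: the title is handed to python3 as an argv entry. Python only ever
# sees it as data, so quotes and Python syntax inside it are just characters.
# safe="" also encodes "/" so the value cannot add path segments.
url_encode() {
    python3 -c 'import sys, urllib.parse; print(urllib.parse.quote(sys.argv[1], safe=""))' "$1"
}

# Build the search path with the encoded title and page number.
# (curl --get --data-urlencode "title=$title" is the equivalent without python3.)
build_search_path() {
    title="$1"
    page="${2:-1}"
    printf '/api/v1/media/search?title=%s&page=%s\n' "$(url_encode "$title")" "$page"
}

# Constructed sample: a title containing the single quote that breaks the
# unsafe pattern. Here it is encoded as %27 and never reaches an interpreter.
build_search_path "Ocean's Eleven" 2
```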

What this means

Mistaken media selections or deletion commands could change the user's MoviePilot subscriptions and may affect automatic downloads.

Why it was flagged

The skill exposes actions that add, delete, update, and refresh MoviePilot subscriptions. This is aligned with the stated purpose, but these are state-changing operations.

Skill content
scripts/moviepilot_api.sh sub_add ...; scripts/moviepilot_api.sh sub_delete <subscribe_id>; sub_refresh | Refresh all subs
Recommendation

Confirm the selected media item before subscribing and require clear user intent before deleting, updating, or refreshing subscriptions.

What this means

Anyone or anything using the configured token can view and manage MoviePilot subscriptions and download-related information.

Why it was flagged

The skill needs MoviePilot server credentials to perform its intended API actions. This is expected for the integration, but it grants account-level authority over the configured MoviePilot instance.

Skill content
Required environment variables ... MOVIEPILOT_URL ... MOVIEPILOT_API_KEY ... Or MOVIEPILOT_TOKEN ... If credentials are not set, ask the user to provide them.
Recommendation

Use the least-privileged MoviePilot API key or token available, avoid pasting passwords into chat when possible, and verify the MOVIEPILOT_URL before providing credentials.

What this means

Installers or users may not be warned about the needed local tools and credentials before the agent tries to run the skill.

Why it was flagged

The helper script depends on MOVIEPILOT_URL, curl, and python3, while the registry metadata declares no required environment variables or binaries. The script is visible, but the runtime contract is under-declared.

Skill content
BASE_URL="${MOVIEPILOT_URL:?Set MOVIEPILOT_URL environment variable}" ... curl -s ... python3 -c
Recommendation

Declare MOVIEPILOT_URL, MOVIEPILOT_API_KEY or MOVIEPILOT_TOKEN, curl, and python3 in the skill metadata or setup instructions.