ClawHub

FL Studio Scripting

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only FL Studio scripting reference with disclosed project-editing capabilities and no evidence of hidden execution or data theft.

This skill is reasonable to install as a reference, but generated FL Studio or PyFLP scripts can change project state, controller behavior, or .flp files. Review generated code, run it only on intended projects and devices, and keep backups or work on copies before using automation that writes or batch-modifies FLP files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The skill explicitly advertises FLP save file manipulation and project file reading/writing, but provides no caution about backups, overwrite risk, corruption, or operating on copies. In a coding-assistant context, that omission can lead an agent or user to perform destructive project modifications on valuable music-production files without informed consent or safety checks.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The PyFLP section normalizes reading and writing .flp files outside FL Studio without warning that automated batch processing or generation can overwrite projects, introduce invalid state, or cause irreversible loss of arrangement/plugin data. Because this skill is meant to guide automation, the lack of guardrails increases the chance of unsafe file-modifying workflows being suggested or executed.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal