ZeeLin Music

Security checks across malware telemetry and agentic risk

Overview

The skill appears to generate AI music as advertised, but it asks users to paste a reusable billing App-Key into chat and sends that key to MelodyLab, so it belongs in Review.

Review before installing. Use this only if you are comfortable entering a ZeeLin billing App-Key into the agent flow and allowing MelodyLab to receive it for charge handling. Prefer a low-balance or easily revocable key, avoid sensitive personal content in prompts or lyrics, confirm the 200-credit charge before generation, and rotate the key if you stop using the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Ssd 3

Medium
Confidence: 96%
Finding: The README shows a realistic App-Key being pasted directly into chat and explicitly instructs users to provide it conversationally. This normalizes sharing secrets in an LLM/chat context, increasing the risk of credential exposure through chat logs, model retention policies, screenshots, plugins, or other integrations; in this skill, the App-Key authorizes billing-related actions and service access, so leakage can lead to unauthorized usage and charges.

Ssd 3

High
Confidence: 98%
Finding: The skill explicitly instructs the agent to collect the user's App-Key in conversation and use it against a third-party billing/validation API. This turns the agent into a credential collection channel and exposes a reusable secret to the model, logs, intermediaries, and potentially untrusted downstream services; in context, the key directly authorizes billing-related actions, making the risk significant.

Ssd 3

High
Confidence: 99%
Finding: The skill directs the agent to forward the user's App-Key to melodylab.top in music-generation and charge-confirmation requests, expanding exposure of a billing credential beyond the original platform. This is especially dangerous because the key appears sufficient to authorize paid operations; forwarding it to another service creates unnecessary trust expansion, replay risk, and possible misuse if that service, logs, or transport handling are compromised.

VirusTotal

64/64 vendors flagged this skill as clean.
