Internet Radio Music Player

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a real internet-radio player, but it needs review because it opens unvalidated stream URLs in Foobar2000 and can export unescaped history data to HTML.

Install only if you are comfortable with a skill that can stop and start Foobar2000, contact internet-radio stream URLs, and keep local listening history. Prefer using it with a trusted radio database, avoid arbitrary play URLs, and treat exported HTML history files cautiously until the publisher adds URL validation and HTML escaping.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
import subprocess
import time

# FOOBAR is defined elsewhere in the skill (path to foobar2000.exe); placeholder shown here
FOOBAR = "PLACEHOLDER_PATH_TO_foobar2000.exe"


def play_foobar(url):
    # Kill any running Foobar2000 instance before starting playback
    subprocess.run(["taskkill", "/f", "/im", "foobar2000.exe"], capture_output=True, timeout=10)
    time.sleep(1)
    # The stream URL is passed to Foobar2000 without any validation (the flagged line)
    subprocess.Popen([FOOBAR, "/play", url], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)


def stop_foobar():
    ...  # body not included in the scanner excerpt
Confidence
89% confidence
Finding
subprocess.Popen([FOOBAR, "/play", url], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The command phrases include very generic everyday utterances such as 'Стоп', 'Назад', 'История', and 'Статус', which can easily collide with normal conversation or other skills' intents. In a voice-activated environment, this can cause unintended media control actions or trigger the wrong skill, especially because the skill exposes state-changing commands like playback, history recall, and stream switching.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The HTML export interpolates untrusted history fields such as Name, Url, Genre, and Note directly into HTML without escaping. If playback metadata contains HTML or JavaScript, opening the exported file in a browser can trigger script execution in the local file context, creating a stored XSS issue.

VirusTotal

VirusTotal findings are pending for this skill version.
