Seerr server manager
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used with an administrative API key, mistakes or unintended commands could change users, requests, issues, or server settings.
The CLI is intended to perform mutable and administrative actions on a Seerr server. This matches the skill purpose, but users should recognize that the agent may be able to change requests, users, or server state when given the API key.
create and manage media requests, manage users, track issues, and administer a self-hosted Seerr instance
Use a least-privilege Seerr API key where possible and require explicit confirmation before user-management, deletion, or administrative changes.
Anyone or any process with access to this key can act against the configured Seerr server within that key's permissions.
The skill requires a Seerr API key as its primary credential. This is expected for the integration, but it grants delegated account/server access.
primary_credential: SEERR_API_KEY ... API key for authenticating with the Seerr server
Store the API key securely, avoid sharing it in chat or logs, rotate it if exposed, and prefer a scoped or non-admin key if the Seerr deployment supports that.
The security of the installed tool depends on the external release or container image you download.
Installation depends on an external latest-release binary or container image, while the provided skill package contains only SKILL.md and no reviewable executable code.
Download the latest release archive from https://github.com/electather/seerr-cli/releases/latest ... A Docker image is also available at ghcr.io/electather/seerr-cli
Install only from the expected repository, verify checksums and release provenance, consider pinning a specific version instead of latest, and review the upstream project before providing credentials.
A poorly secured MCP HTTP endpoint could let other clients invoke Seerr-management tools or expose the API key through URLs, logs, browser history, or intermediaries.
The optional MCP HTTP transport can be configured with no authentication, an API key in the URL query string, and CORS for browser clients. These options are disclosed and not the default stdio transport, but they can expose Seerr control if used on an untrusted network.
Set to "true" to disable all MCP HTTP authentication ... append ?api_key=<key> to authenticate ... Set to "true" to enable CORS headers
Prefer bearer-token authentication over query-string API keys, use HTTPS, avoid SEERR_MCP_NO_AUTH except on isolated localhost/trusted networks, and do not expose the MCP port publicly without access controls.
