Seerr server manager
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: seerr-manager Version: v0.8.2 The seerr-cli skill (SKILL.md) provides a CLI and MCP server for managing Seerr media servers, featuring high-risk administrative capabilities such as user password resets and file deletion (media delete-file). It also includes an option to disable authentication for its MCP HTTP server (SEERR_MCP_NO_AUTH). While these features are aligned with the stated management purpose, the combination of broad API access and the binary-based installation method (fetching from github.com/electather/seerr-cli) warrants a suspicious classification under the provided criteria.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used with an administrative API key, mistakes or unintended commands could change users, requests, issues, or server settings.
The CLI is intended to perform mutable and administrative actions on a Seerr server. This matches the skill purpose, but users should recognize that the agent may be able to change requests, users, or server state when given the API key.
create and manage media requests, manage users, track issues, and administer a self-hosted Seerr instance
Use a least-privilege Seerr API key where possible and require explicit confirmation before user-management, deletion, or administrative changes.
Anyone or any process with access to this key can act against the configured Seerr server within that key's permissions.
The skill requires a Seerr API key as its primary credential. This is expected for the integration, but it grants delegated account/server access.
primary_credential: SEERR_API_KEY ... API key for authenticating with the Seerr server
Store the API key securely, avoid sharing it in chat or logs, rotate it if exposed, and prefer a scoped or non-admin key if the Seerr deployment supports that.
The security of the installed tool depends on the external release or container image you download.
Installation depends on an external latest-release binary or container image, while the provided skill package contains only SKILL.md and no reviewable executable code.
Download the latest release archive from https://github.com/electather/seerr-cli/releases/latest ... A Docker image is also available at ghcr.io/electather/seerr-cli
Install only from the expected repository, verify checksums and release provenance, consider pinning a specific version instead of latest, and review the upstream project before providing credentials.
A poorly secured MCP HTTP endpoint could let other clients invoke Seerr-management tools or expose the API key through URLs, logs, browser history, or intermediaries.
The optional MCP HTTP transport can be configured with no authentication, an API key in the URL query string, and CORS for browser clients. These options are disclosed and not the default stdio transport, but they can expose Seerr control if used on an untrusted network.
Set to "true" to disable all MCP HTTP authentication ... append ?api_key=<key> to authenticate ... Set to "true" to enable CORS headers
Prefer bearer-token authentication over query-string API keys, use HTTPS, avoid SEERR_MCP_NO_AUTH except on isolated localhost/trusted networks, and do not expose the MCP port publicly without access controls.