Sonarr Fixed
Pass
Audited by ClawScan on May 1, 2026.
Overview
This skill is a straightforward Sonarr API wrapper, but it needs a Sonarr API key and can add or remove shows, including optional file deletion.
Install only if you want your agent to manage your Sonarr library. Protect the Sonarr API key, confirm add/remove actions, and be especially careful with the --delete-files option because it can remove media files.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with the delete-files option, the skill can remove shows and delete associated media through Sonarr.
The skill exposes a destructive Sonarr operation that can delete media files, but it is documented and paired with an explicit user-confirmation instruction.
bash scripts/sonarr.sh remove <tvdbId> --delete-files # delete files too
**Always ask user if they want to delete files when removing!**
Only allow removal after an explicit user request, and require clear confirmation before using --delete-files.
Anyone or any agent using this skill with the configured key can perform Sonarr actions allowed by that key.
The script reads a Sonarr API key and uses it for authenticated API calls, which is expected for this integration but grants control over the configured Sonarr instance.
SONARR_API_KEY=$(jq -r '.apiKey' "$CONFIG_FILE")
AUTH="X-Api-Key: $SONARR_API_KEY"
Store the API key securely, use the least-privileged Sonarr access available, and install only if you trust the skill to manage that Sonarr instance.
Users have less provenance information for verifying the fork against its claimed upstream source.
The fork metadata does not include a commit or publication provenance reference; the risk is limited because the runnable script is included and no remote installer is specified.
"latest": {
  "version": "1.0.2",
  "publishedAt": null,
  "commit": null
}
Review the included script before installing and prefer versions with clear source, commit, or release provenance when available.
