ClawHub

Music Recommender

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises: it analyzes a NetEase music playlist, searches Bilibili for links, and saves local recommendation history.

Install only if you are comfortable with playlist-derived data being sent to NetEase and Bilibili, and with recommendation history being stored locally in clear text. Avoid using the optional Notion or file export unless you explicitly want that data saved elsewhere.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
96% confidence
Finding
The skill invokes scripts that read and write local files and make network requests, but it declares no permissions or user-facing notice about those capabilities. This creates a transparency and consent gap: users and the hosting system may treat the skill as low-risk while it actually persists data and transmits playlist-derived queries to third parties.

Context-Inappropriate Capability

Medium
Confidence
86% confidence
Finding
The optional save features expand the skill from recommendation into exporting user-derived data to Notion, local HTML, or text files, which increases the attack surface and data handling scope beyond the core purpose. Without separate consent and scoping, this can lead to unexpected persistence or disclosure of user preferences and recommendation history.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill stores daily recommendation history on disk under the user's workspace without warning in the description or obtaining explicit consent. Persistent storage of listening preferences and recommendation history can reveal personal interests over time and may be accessed by other tools or users sharing the environment.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
Listing external or local save destinations without warning means user-derived data may be written to third-party systems or local files unexpectedly. This is dangerous because music preferences and generated content can be exported outside the immediate chat context without informed user approval.

External Transmission

Medium
Category
Data Exfiltration
Content
- NetEase API endpoint: `https://music.163.com/api/v6/playlist/detail?id=<ID>&n=1000`
- Required headers: `User-Agent: Mozilla/5.0`, `Referer: https://music.163.com/`, `Cookie: os=pc;`
- Artist field is `ar` (not `artists`) in NetEase API response
- Bilibili search API: `https://api.bilibili.com/x/web-interface/search/all/v2?keyword=<query>`
- Required headers for Bilibili: `User-Agent: Mozilla/5.0`, `Referer: https://www.bilibili.com/`
- Default recommendation count: 10 songs
- Always use Bilibili links (free, no membership) instead of NetEase links
Confidence
93% confidence
Finding
https://api.bilibili.com/

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal