Skill v0.2.1

ClawScan security

Sonos 音乐点播 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 8, 2026, 7:36 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and scripts are consistent with a Sonos playback helper: it only requires the sonos CLI and installs the soco Python package into a local venv, and it does not request credentials or contact unknown endpoints — review the actual playback wrapper/scripts before running them.
Guidance
This skill appears coherent with its stated purpose. Before installing: (1) ensure you have the official sonos CLI from a trusted source; (2) inspect the playback wrapper and Python playback scripts (sonos_netease_play(.sh/.py), sonos_qq_play(.sh/.py)) that are expected in your workspace — they are not bundled here and will be executed by the wrappers; (3) be aware the bootstrap will pip install 'soco' into a venv (network access to PyPI); and (4) if you do not trust the unbundled playback scripts, do not run the install/bootstrap steps. If you want extra caution, run the install steps in an isolated environment or container and review outputs before using with real Sonos devices.

Review Dimensions

Purpose & Capability
ok: The name/description (Sonos music playback) matches what the files do: they check for the sonos CLI, create a Python venv, and install the soco library to drive Sonos queue-based playback. Asking for the sonos binary and installing soco is appropriate for this purpose.
Instruction Scope
note: SKILL.md and the scripts only instruct running local install/check/bootstrap scripts and wrappers; they do not reference unrelated system files or external endpoints. Note: the runtime scripts expect external playback wrapper/script files (sonos_netease_play.sh/.py and sonos_qq_play.sh/.py) to exist in the workspace; those playback entrypoints are not included in this package and should be inspected before use.
Install Mechanism
ok: There is no packaged install spec; the included bootstrap script creates a local Python venv and runs pip to install soco from PyPI. Installing packages from PyPI is expected here; this is moderate-risk (network fetch) but coherent with the skill's purpose. No downloads from arbitrary URLs or archive extraction are present.
Credentials
note: The skill does not request credentials or secret env vars. It does reference several OPENCLAW_* environment variables (workspace/venv/wrapper/script paths) for configuration, but these path overrides are not declared in the registry metadata. This is low risk but worth noting: those env vars control file locations and are not secrets.
Persistence & Privilege
ok: The skill does not request always:true or system-wide privileges. The scripts only create a venv, install soco into that venv, and set executable bits on wrapper files in the workspace; these actions are confined to the skill's workspace/venv.