Back to skill

Security audit

AI Songwriter (Clone)

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does what it claims, but it automatically sends generated song content to a third-party API and includes an undisclosed callback URL that is not needed for the stated workflow.

Review this before installing if you care about approval checkpoints, provider billing, or where generated lyrics and song metadata go. Use only a dedicated KIE_API_KEY, avoid leaving unrelated SUNO_API_KEY values in the environment, and consider removing or changing the hard-coded example.com callback before running the generator.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

High
Confidence
96% confidence
Finding
The workflow instructs the agent to write generated lyrics to a temporary file and invoke an external script automatically, without warning or obtaining user confirmation. This creates real risk of unintended local file writes, data transmission to third-party generation services, and loss of user control over potentially sensitive or copyrighted content.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill depends on an API key in the environment but gives no warning about credential handling, billing implications, or privacy consequences of sending prompts and lyrics to an external provider. Users may unknowingly expose secrets or authorize paid external operations without informed consent.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The script transmits user-provided content to an external service (`api.kie.ai`) but provides no in-file disclosure, consent mechanism, or data-minimization safeguards. In the context of a fully automated songwriting skill that explicitly says it runs end-to-end without pausing for confirmation, this increases privacy and compliance risk because users may not realize their prompts, titles, or stylistic references are being sent off-platform.

Ssd 4

Medium
Confidence
90% confidence
Finding
The skill is designed to suppress user checkpoints while generating a style-cloned work from a reference song or artist. In this context, removing approvals increases legal, policy, and privacy risk because the agent may process copyrighted material, rewrite lyrics, and proceed to external generation without giving the user a chance to review or stop the workflow.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.