ClawHub

Prowlarr

ReviewAudited by ClawScan on May 1, 2026.

Overview

The skill is coherent for managing Prowlarr, but users should notice that it uses a Prowlarr API key and includes commands that can change, delete, or sync indexer settings.

This skill appears aligned with its stated purpose. Before installing, confirm you are comfortable giving it a Prowlarr API key and allowing user-invoked commands that can modify or delete indexers and sync those changes to connected apps. Protect the local config file and require explicit confirmation before running destructive or sync actions.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Medium
#ASI03: Identity and Privilege Abuse
What this means

Anyone or any agent run with this skill and access to the config can use the configured Prowlarr API key to query and manage that Prowlarr instance.

Why it was flagged

The skill requires a Prowlarr API key stored locally, which grants access to the user's Prowlarr instance. This is expected for the stated purpose, but users should understand the account-level authority involved.

Skill content
Config: `~/.clawdbot/credentials/prowlarr/config.json`

{
  "url": "https://prowlarr.example.com",
  "apiKey": "your-api-key"
}
Recommendation

Use a Prowlarr API key only for the intended instance, protect the config file, and rotate the key if the skill or local environment is no longer trusted.

Medium
#ASI02: Tool Misuse and Exploitation
What this means

If invoked with the wrong indexer ID, the skill can delete an indexer configuration from Prowlarr.

Why it was flagged

The helper exposes a direct delete operation for Prowlarr indexers without an in-script confirmation prompt. This matches the management purpose, but it is a persistent mutating action.

Skill content
cmd_delete() {
    local id="$1"
    api DELETE "/indexer/$id"
    echo '{"status": "ok", "indexer": "'"$id"'", "deleted": true}'
}
Recommendation

Only run delete, enable, disable, and similar mutating commands after explicit user confirmation and verifying the target indexer ID.

Low
#ASI08: Cascading Failures
What this means

A mistaken sync could push incorrect or unwanted indexer settings into connected media-management applications.

Why it was flagged

The sync command can propagate indexer changes from Prowlarr to connected applications such as Sonarr or Radarr. This is documented and purpose-aligned, but changes can affect more than Prowlarr alone.

Skill content
cmd_sync() {
    api POST "/command" -d '{"name": "ApplicationIndexerSync"}'
    echo '{"status": "ok", "message": "Syncing indexers to applications"}'
}
Recommendation

Review current indexer settings before syncing and reserve sync actions for explicit user requests.

Low
#ASI04: Agentic Supply Chain Vulnerabilities
What this means

Users may need to inspect the included script themselves and ensure required local tools are available before use.

Why it was flagged

The registry metadata does not provide source provenance and does not declare helper-script runtime dependencies such as curl and jq. The included code is visible and not suspicious, but the metadata is incomplete.

Skill content
Source: unknown
Homepage: none
Required binaries (all must exist): none
Recommendation

Prefer skills with clear source/homepage metadata and declare required binaries such as curl and jq in the registry metadata.