ClawHub
Back to skill
v1.0.0

Prowlarr

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 4:51 AM.

Analysis

The skill is coherent for managing Prowlarr, but users should notice that it uses a Prowlarr API key and includes commands that can change, delete, or sync indexer settings.

GuidanceThis skill appears aligned with its stated purpose. Before installing, confirm you are comfortable giving it a Prowlarr API key and allowing user-invoked commands that can modify or delete indexers and sync those changes to connected apps. Protect the local config file and require explicit confirmation before running destructive or sync actions.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityMediumConfidenceHighStatusNote
scripts/prowlarr-api.sh
cmd_delete() {
    local id="$1"
    api DELETE "/indexer/$id"
    echo '{"status": "ok", "indexer": "'"$id"'", "deleted": true}'
}

The helper exposes a direct delete operation for Prowlarr indexers without an in-script confirmation prompt. This matches the management purpose, but it is a persistent mutating action.

User impactIf invoked with the wrong indexer ID, the skill can delete an indexer configuration from Prowlarr.
RecommendationOnly run delete, enable, disable, and similar mutating commands after explicit user confirmation and verifying the target indexer ID.
Cascading Failures
SeverityLowConfidenceHighStatusNote
scripts/prowlarr-api.sh
cmd_sync() {
    api POST "/command" -d '{"name": "ApplicationIndexerSync"}'
    echo '{"status": "ok", "message": "Syncing indexers to applications"}'
}

The sync command can propagate indexer changes from Prowlarr to connected applications such as Sonarr or Radarr. This is documented and purpose-aligned, but changes can affect more than Prowlarr alone.

User impactA mistaken sync could push incorrect or unwanted indexer settings into connected media-management applications.
RecommendationReview current indexer settings before syncing and reserve sync actions for explicit user requests.
Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
metadata
Source: unknown
Homepage: none
Required binaries (all must exist): none

The registry metadata does not provide source provenance and does not declare helper-script runtime dependencies such as curl and jq. The included code is visible and not suspicious, but the metadata is incomplete.

User impactUsers may need to inspect the included script themselves and ensure required local tools are available before use.
RecommendationPrefer skills with clear source/homepage metadata and declare required binaries such as curl and jq in the registry metadata.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityMediumConfidenceHighStatusNote
SKILL.md
Config: `~/.clawdbot/credentials/prowlarr/config.json`

{
  "url": "https://prowlarr.example.com",
  "apiKey": "your-api-key"
}

The skill requires a Prowlarr API key stored locally, which grants access to the user's Prowlarr instance. This is expected for the stated purpose, but users should understand the account-level authority involved.

User impactAnyone or any agent run with this skill and access to the config can use the configured Prowlarr API key to query and manage that Prowlarr instance.
RecommendationUse a Prowlarr API key only for the intended instance, protect the config file, and rotate the key if the skill or local environment is no longer trusted.