ClawHub

Sabnzbd

v1.0.0

Manage Usenet downloads with SABnzbd. Use when the user asks to "check SABnzbd", "list NZB queue", "add NZB", "pause downloads", "resume downloads", "SABnzbd status", "Usenet queue", "NZB history", or mentions SABnzbd/sab download management.

2· 1.8k·2 current·3 all-time
by@jmagar
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, README, SKILL.md, and scripts/sab-api.sh all implement SABnzbd queue management and map directly to SABnzbd's API (add, pause, resume, history, speed, categories, etc.). The requested capabilities align with the skill's stated purpose.
Instruction Scope
The SKILL.md and README instruct the agent/user to create a credentials file at ~/.clawdbot/credentials/sabnzbd/config.json (or set env vars) and to run scripts/sab-api.sh. The runtime instructions stay within the SABnzbd API domain and do not attempt to read unrelated system files or call external endpoints beyond the configured SAB URL.
Install Mechanism
There is no install spec (instruction-only plus a helper script). That minimizes installation risk because nothing is downloaded or automatically executed by an installer. The script itself will run commands when invoked, but the repository does not declare an automated install mechanism.
!
Credentials
Registry metadata lists no required environment variables or binaries, but the script expects credentials (SAB_API_KEY and SAB_URL via config file or env vars SAB_API_KEY/SAB_URL/SAB_CONFIG) and uses external commands (curl, jq, python3). Requesting an API key for SABnzbd is appropriate for the purpose, but the metadata should declare these requirements — the mismatch is an incoherence that could mislead users about what secrets or tools are needed.
Persistence & Privilege
The skill is not forced-always, does not request system-wide changes, and does not modify other skills. It only reads a user-scoped config file under the home directory (or env vars) and invokes network calls to the configured SABnzbd URL.
What to consider before installing
This skill appears to do what it says — a CLI wrapper around the SABnzbd API — but there are a few things to check before installing: - The metadata omits required runtime items: the helper script expects an API key and URL (stored in ~/.clawdbot/credentials/sabnzbd/config.json or via SAB_API_KEY/SAB_URL/SAB_CONFIG) and relies on curl, jq, and python3. Make sure those binaries are present and that the skill owner adds these to the declared requirements. - The API key is sensitive. The skill will send that key to whichever SAB URL you configure. Only point it at a trusted SABnzbd instance (typically localhost or a machine you control). Do not point it at unknown remote hosts. - Inspect scripts/sab-api.sh yourself (you already have it); it appears to call only the configured SABnzbd URL and has no hidden external endpoints, but you should verify there are no modifications beyond what's included here. - Consider filesystem permissions for ~/.clawdbot/credentials/sabnzbd/config.json so other users/processes cannot read your API key. If you accept these conditions and trust the source, the skill is usable; if you require strict metadata-to-behavior alignment, ask the publisher to declare the env vars and required binaries before enabling it.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cng9244p14dmrns4tq0d44n7zsyak

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments