ClawHub

Sonarr

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Sonarr integration, but it can remove shows and optionally delete media files when the user directs it to do so.

Install only if you want an agent to manage your Sonarr library using your Sonarr API key. Verify the configured URL points to the intended Sonarr instance, protect the credential file, and approve remove or --delete-files commands only when you intentionally want the library entry or media files removed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The manifest says the skill searches and adds shows, but the documentation also exposes removal and delete-files functionality. In security-sensitive environments, incomplete disclosure of destructive behavior undermines informed consent, review, and least-privilege approval, making accidental destructive use more likely.

Intent-Code Divergence

Medium
Confidence
90% confidence
Finding
The top-level documentation frames the skill as an additive library-management tool, but later introduces a removal command that can also delete files. That inconsistency makes the skill more dangerous in context because users may invoke or approve it expecting non-destructive behavior, while the actual interface permits irreversible actions.

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The skill description says it searches and adds TV shows, but the script also implements a remove command that can delete series and optionally delete associated files. This mismatch expands the skill's effective permissions and can mislead users or higher-level agents into invoking destructive behavior they did not expect.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The remove command performs destructive actions immediately, and the optional --delete-files flag can permanently delete media files without any confirmation prompt or strong warning in the help text. In an agent-driven context, this increases the chance of accidental invocation leading to irreversible data loss.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal