Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

netease-music-cli

v1.0.1

Use ncm-cli to operate NetEase Cloud Music. Use this skill when the user wants to play songs, search for songs, control playback (pause, next track, previous track, adjust volume), manage the play queue, view playback status, or play a playlist.

1 · 310 · 5 current · 5 all-time

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

Purpose & Capability (flagged)
The SKILL.md clearly targets controlling the ncm-cli tool and (optionally) mpv for playback, which matches the skill name. However the skill metadata lists no required binaries or environment variables while the instructions explicitly require ncm-cli, may require mpv, and instruct the user to configure appId/privateKey (API keys). That mismatch between declared requirements and actual runtime needs is incoherent and could surprise users.
Instruction Scope (flagged)
Instructions stay within the stated purpose (searching/playing/managing music) and include sensible checks (login, player selection, visible flag, rate-limit handling). However the skill mandates that the agent examine recent conversation content and attach a summary as a --userInput parameter to many CLI commands. This causes user conversation content to be passed to the CLI (and transitively to any remote APIs ncm-cli calls), which can leak sensitive context. The skill also delegates install steps to a separate 'ncm-cli-setup' skill without clearly constraining what that setup will do.
Install Mechanism
This is instruction-only (no install spec), which reduces installer risk because nothing is written by the skill itself. Still, the runtime depends on external binaries (ncm-cli, optionally mpv) and may depend on the user's manual installation; those runtime dependencies are not declared in the metadata, which is a coherence issue but not an installation vector on its own.
Credentials (flagged)
The README instructs configuration of an appId and privateKey (API keys) for the NetEase developer platform, but requires.env is empty and no primary credential is declared. That omission is inconsistent: the skill expects credentials for operation yet does not declare them. Additionally, the repeated instruction to include user conversation summaries in CLI arguments can expose arbitrary user-provided data to the CLI and to NetEase's APIs.
Persistence & Privilege
The skill does not request always:true and does not attempt to modify other skills or system-wide settings. Its autonomy flags are default (agent may invoke autonomously), which is standard and not by itself a red flag here.
What to consider before installing
Before installing:

1) Understand that this skill expects you to have the ncm-cli binary (and optionally mpv) already installed, but the skill metadata does not declare those requirements. Verify where ncm-cli comes from and that you trust that project.
2) The instructions ask you to configure an appId and privateKey (NetEase API keys). Decide where you will store those credentials (prefer ncm-cli's own secure config rather than exposing them to the agent environment) and confirm the CLI's behavior when it uses them.
3) The skill requires the agent to include a summary of recent conversation input in a --userInput parameter for many commands; this will send your conversation content to the CLI and (through it) to NetEase's APIs. Avoid including sensitive personal data in those conversations.
4) The skill refers to a separate ncm-cli-setup skill to install the CLI; verify that setup skill before running it.
5) If you need higher assurance, ask the publisher to update the metadata to list required binaries and env vars, or request an explicit install spec and a link to the official ncm-cli repository so you can verify source code and network behavior.

Like a lobster shell, security has layers — review code before you run it.

latest: vk97cnp1w1brfbcys975zm14vr9838d65
