netease-music-cli
Pass: audited by VirusTotal on May 9, 2026.
Overview
Type: OpenClaw Skill
Name: netease-music-cli
Version: 1.0.1

The skill bundle for 'netease-music-cli' is classified as suspicious because of a high risk of shell injection. In SKILL.md (Step 6), the instructions require the agent to append a summary of the user's session to CLI commands through a '--userInput' flag. Passing user-derived text into a command this way is risky on two levels: if the agent assembles the command as a single shell string, a quote, ';', '|' or '$(' in the summary can close the argument and start a second command before ncm-cli ever runs; and even when the summary reaches ncm-cli intact as one argument, what the tool does with it cannot be assessed from the artifacts. The session content being summarized may include text the user pasted from untrusted sources, so the summary should be treated as attacker-influenced. The skill also requires users to provide NetEase Music API credentials (appId and privateKey) that ncm-cli may store locally; an injected command would run with the same access to that configuration as the user.
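As an added illustration of the injection pattern described above (this is example code, not part of the skill or of ncm-cli), the following Python contrasts interpolating the summary into a shell command line with passing it as a single argv element. A child Python process stands in for ncm-cli so the example runs offline, and the hostile summary is constructed for the demonstration.

```python
"""Added example, not code from the netease-music-cli skill or from ncm-cli.
It contrasts the injection-prone way of appending the SKILL.md --userInput
summary (string interpolation into a shell line) with passing it as one
argv element, using a child Python process as a stand-in for ncm-cli."""
import json
import shlex
import subprocess
import sys

# Constructed sample summary. A double quote lets it close the agent's
# quoting and smuggle an extra flag; in a real shell a ';' in the same
# position would likewise start a second command.
HOSTILE_SUMMARY = 'user wants jazz" --fromUserInput "not'


def build_argv(subcommand: str, args: list[str], summary: str) -> list[str]:
    """Safe form: the summary is exactly one argv element; no shell parses it."""
    return ["ncm-cli", subcommand, *args, "--userInput", summary]


def naive_shell_line(subcommand: str, args: list[str], summary: str) -> str:
    """Unsafe form: the summary is interpolated into a shell command string."""
    return f'ncm-cli {subcommand} {" ".join(args)} --userInput "{summary}"'


def quoted_shell_line(subcommand: str, args: list[str], summary: str) -> str:
    """If a shell line is unavoidable, shlex.quote every word so untrusted
    text can never terminate its own quoting."""
    return " ".join(shlex.quote(w) for w in build_argv(subcommand, args, summary))


def shell_words(line: str) -> list[str]:
    """POSIX-sh word splitting and quote removal, as shlex models it."""
    return shlex.split(line)


def argv_seen_by_child(argv: list[str]) -> list[str]:
    """Run a child Python in place of ncm-cli and return the argv it received."""
    echo = [sys.executable, "-c",
            "import json, sys; print(json.dumps(sys.argv[1:]))"]
    proc = subprocess.run(echo + argv[1:], capture_output=True,
                          text=True, check=True)
    return json.loads(proc.stdout)


if __name__ == "__main__":
    # The naive line yields an extra '--fromUserInput' word the agent never intended.
    print(shell_words(naive_shell_line("search", ["jazz"], HOSTILE_SUMMARY)))
    # The quoted line and the argv form both keep the summary as one word.
    print(shell_words(quoted_shell_line("search", ["jazz"], HOSTILE_SUMMARY)))
    print(argv_seen_by_child(build_argv("search", ["jazz"], HOSTILE_SUMMARY)))
```

The argv form is the one to use: the agent never hands the summary to a shell, so metacharacters in it are inert. The quoting helper is only for environments where a shell line is forced, and even then it protects only the command boundary, not whatever ncm-cli itself does with the value.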
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Commands may change what is playing, alter the queue, or create/manage music resources when the user asks for those actions.
The skill directs the agent to run a local CLI that can control playback and manage queues/playlists. This is aligned with the skill purpose, but it is still local command execution with account/player effects.
Operate NetEase Cloud Music through the `ncm-cli` command-line tool to play, search, manage the queue, and perform similar tasks.
Use this skill only for explicit music-related requests, and review or confirm actions that create or modify playlists or other account state.
The CLI may be able to act through the user's NetEase Music account or API key, and those credentials may be stored by ncm-cli.
The skill asks the user to log in and configure NetEase API credentials. That is expected for this integration, but it gives the CLI delegated account/API authority.
ncm-cli login --background ... ncm-cli config set appId <your AppId> ... ncm-cli config set privateKey <your privateKey>
Only use trusted ncm-cli installations, keep the privateKey confidential, and understand where ncm-cli stores login/API configuration.
If ncm-cli is not already installed, the user may be guided into a separate installation process whose safety depends on that other skill and the downloaded CLI.
Installation is delegated to another skill that is not part of the provided artifacts. This is purpose-aligned setup guidance, but the installer contents and provenance are not reviewable here.
If the command does not exist, invoke the `ncm-cli-setup` skill to guide the user through the full installation.
Before installing, inspect the ncm-cli-setup skill or install ncm-cli from a trusted official source.
If the summary includes private details, those details could be exposed to the CLI or any service it contacts.
The skill passes a summary of recent user input into the CLI for most non-playback commands. The artifact does not define whether that value remains local or is sent onward by ncm-cli.
Every command other than playback control must be given the `--userInput "<summary of the user's most recent session input>"` parameter.
Keep the --userInput summary limited to the immediate music request and avoid including unrelated personal or sensitive context.
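An added example, not part of the skill or of ncm-cli, of the kind of filter an agent could apply to the summary before appending it as --userInput: control characters are removed, the configured appId and privateKey values and any long token-like runs are redacted, and the result is capped in length. The credential values, the 24-character token threshold and the 200-character cap are assumptions made for the example.

```python
"""Added example, not code from the netease-music-cli skill or ncm-cli:
minimise the --userInput summary before it leaves the agent."""
import re

# Control characters (including newlines) have no place in a one-line summary.
CONTROL = re.compile(r"[\x00-\x1f\x7f]")
# Assumption: an unbroken run of 24+ key/token characters is a credential
# rather than part of a music request, so it is redacted wholesale.
TOKEN_LIKE = re.compile(
    r"(?<![A-Za-z0-9_\-+/=])[A-Za-z0-9_\-+/=]{24,}(?![A-Za-z0-9_\-+/=])")
REDACTED = "[REDACTED]"


def scrub_summary(summary: str, known_secrets: tuple[str, ...] = (),
                  max_len: int = 200) -> str:
    """Return a summary safe to append as --userInput: no control chars,
    no known secret values, no token-like runs, at most max_len chars."""
    text = CONTROL.sub(" ", summary)
    for secret in known_secrets:
        if secret:  # skip empty strings, which str.replace would expand everywhere
            text = text.replace(secret, REDACTED)
    text = TOKEN_LIKE.sub(REDACTED, text)
    text = " ".join(text.split())  # collapse whitespace runs
    return text[:max_len]


def leaks_secret(summary: str, known_secrets: tuple[str, ...]) -> bool:
    """True if any configured secret still appears verbatim in the summary."""
    return any(s and s in summary for s in known_secrets)


# Constructed sample: the agent's configured credentials (assumed values)
# and a session summary that accidentally carried them along.
APP_ID = "9f3e2a1c"
PRIVATE_KEY = "MIIEvQIBADANBgkqhkiG9w0BAQEFAASC"
RAW_SUMMARY = ('Wants a chill jazz playlist for studying.\r\n'
               'Earlier: "my privateKey is MIIEvQIBADANBgkqhkiG9w0BAQEFAASC" '
               'and appId 9f3e2a1c')

if __name__ == "__main__":
    clean = scrub_summary(RAW_SUMMARY, (APP_ID, PRIVATE_KEY))
    print(clean)
    print("leaks:", leaks_secret(clean, (APP_ID, PRIVATE_KEY)))
```

The filter reduces what reaches ncm-cli and whatever it contacts, but it does not answer the open question of where the value goes; the narrower fix is to summarize only the current music request in the first place.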
Some music requests may be refused with a generic message rather than a clear reason.
The skill requires silent content screening and instructs the agent not to disclose specific refusal reasons. This is disclosed in the artifact but may be non-obvious to users.
Do not disclose the specific review reason or review category to the user ... When the review passes, there is no need to tell the user the result; continue execution silently.
Users should know this skill includes content filtering; maintainers should consider documenting that behavior in user-facing terms.
