ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

LrshuAI Music Generation

v1.0.1

音乐生成技能。当你需要根据文本描述或风格要求生成完整的音乐曲目时调用此技能。

0· 33·0 current·0 all-time
by@lrshu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The skill's described purpose (music generation) aligns with a client script that calls remote models and requires an API key. However, the bundled script supports many model types (images, video, etc.) beyond 'music', and the default API host (https://dlazy.com/api/ai/tool) is an unknown third-party endpoint rather than a well-known music model provider — this is unexpected and worth scrutiny.
!
Instruction Scope
SKILL.md contains a CRITICAL instruction that the agent must run the included script directly with the system python and must not use the platform's 'openclaw run'. That attempts to force local execution outside the platform runner, reducing observability/sandboxing. The script also reads local file paths (images/videos), base64-encodes them, and will POST them to a remote API — meaning if given arbitrary paths it can exfiltrate local files. The instructions do not restrict or justify this broader file handling for a music-generation-only description.
Install Mechanism
There is no install spec (instruction-only + one script), so nothing is downloaded at install time. The only required binary is python, which is reasonable for running the included script.
!
Credentials
The skill declares a single required env var TEAM_API_KEY (primary credential), which is coherent. However, the script also honors TEAM_BASE_URL (defaulting to an unknown host) but TEAM_BASE_URL is not declared in requires.env or metadata — an inconsistency. Supplying TEAM_API_KEY to an unknown external service with a default host is risky. The script will send the API key in an Authorization header to that host.
!
Persistence & Privilege
The skill does not request 'always' or other persistent platform privileges, but the explicit prohibition of 'openclaw run' is a behavioral red flag: it attempts to force execution via the system python which can bypass the platform's normal invocation/sandboxing/monitoring and increase the blast radius if misused.
What to consider before installing
This skill is internally coherent as a remote-model client but has multiple warning signs. Before installing or supplying TEAM_API_KEY: (1) Ask the publisher for authoritative documentation and the intended API host (why is https://dlazy.com the default?). (2) Do not set TEAM_API_KEY in a shared or privileged environment until you trust the endpoint; prefer a tenant-scoped/test key. (3) Be skeptical of the SKILL.md instruction that forbids the normal platform runner — that reduces sandboxing and auditing. (4) Understand that the script can read and upload local files (images/videos) if provided, so avoid passing sensitive local paths. (5) If you must evaluate, run the skill in an isolated, network-monitored sandbox and inspect network requests (where the key is sent and to what URL). If the publisher cannot justify the unknown default endpoint and the bypass instruction, prefer a different skill from a trusted source.

Like a lobster shell, security has layers — review code before you run it.

latestvk9786egen3r1y81ah0qf7jg39n84429e

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎵 Clawdis
Binspython
EnvTEAM_API_KEY
Primary envTEAM_API_KEY

Comments