Suno Browser Songmaking
v0.1.0Browser-based song creation with Suno (suno.ai), including gathering a song brief, generating lyrics, setting Persona/Custom mode, and producing new tracks. Use when the user asks to make a new song with Suno or to automate Suno in a browser session.
⭐ 2· 1.8k·5 current·5 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (browser automation for Suno song creation) align with the SKILL.md and referenced runbook. The required actions (collect brief, open Suno, set Persona/Custom, paste lyrics, generate, deliver links) match the stated purpose and do not ask for unrelated capabilities.
Instruction Scope
Instructions are specific and limited to interacting with the Suno web UI. They do instruct the agent to use either the user's Chrome relay (if already logged in) or an isolated OpenClaw browser and to ask the user to log in if needed. That implies access to the user's browser session (tabs/cookies) when using the Chrome relay—expected for this use case but worth user attention. The runbook contains a concrete example ('Anchor Protocol' and a given style string) that appears to be a template/example rather than exfiltrative behavior. No steps reference unrelated files, environment variables, or hidden external endpoints.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is the lowest-risk install mechanism; nothing will be written to disk or fetched during install.
Credentials
The skill declares no environment variables, no credentials, and no config paths. That is proportionate for a browser automation runbook that relies on the user's existing web session rather than stored secrets.
Persistence & Privilege
always:false and no install means the skill does not request permanent inclusion or elevated platform privileges. However, runtime behavior can access the user's browser session (when using Chrome relay) which carries sensitive data (cookies, open tabs). This is expected for a browser automation skill but increases the runtime blast radius if the agent is granted access to a logged-in profile.
Assessment
This skill is coherent and limited to automating Suno in a browser; it does not install software or ask for API keys. Before using it, decide whether you are comfortable granting the agent access to a browser session: if you choose Chrome relay and attach a logged-in tab, the agent may see session cookies and other open tabs tied to that profile. Prefer the isolated browser profile if you do not want the agent to touch your personal browser data. Also review any generated content (titles, lyrics, persona selections) before sharing or publishing for IP or privacy concerns. If ever asked to paste credentials into a UI or external form, verify the prompt is legitimate—this skill should only ask you to log into Suno through the normal website flow.Like a lobster shell, security has layers — review code before you run it.
latestvk97e8gxmcg3gv4yd8hawfkcb8980kvna
License
MIT-0
Free to use, modify, and redistribute. No attribution required.