ClawHub

Kuwo

v0.1.0

Retrieve and summarize trending public playlists, songs, and artist metrics from Kuwo Music for analysis and lightweight reporting.

0· 105·0 current·0 all-time
by@mike47512
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (retrieve and summarize public Kuwo playlists, songs, artist metrics) matches the SKILL.md tasks (visiting public pages, extracting metadata and counts). No unrelated credentials, binaries, or install steps are requested.
Instruction Scope
Runtime instructions are narrowly scoped to public-page retrieval and light analysis. The SKILL.md explicitly disallows downloads, interface reverse-engineering, bulk scraping, and automated login. It warns about dynamic rendering and recommends human verification before parsing, which constrains autonomous behavior.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes disk write/execute risk.
Credentials
No required environment variables, credentials, or config paths are declared or referenced. The note about 'login state' is limited and explicitly says not to automate login, so no extra secrets are needed.
Persistence & Privilege
always is false and the skill does not request elevated or permanent presence. Autonomous invocation is allowed (the platform default) but the skill's instructions constrain actions to public data only.
Assessment
This skill appears coherent and low-risk: it only describes visiting Kuwo public pages and summarizing visible metadata, and it requests no credentials or installs. Before installing, consider: (1) the package source is 'unknown' — ensure you trust the publisher; (2) scraping may still violate Kuwo's terms of service or robots.txt — avoid automated bulk scraping and respect rate limits; (3) dynamic pages may require a browser engine (not provided by the skill) — that could push implementers to add tools that increase risk; and (4) verify the agent will not attempt to log in or exfiltrate scraped data to external endpoints. If you need stricter guarantees, request a skill with an explicit, auditable implementation or require code review of any future install scripts.

Like a lobster shell, security has layers — review code before you run it.

latestvk976r65zratc019anb9z2qv3r58340r9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments