Suno AI
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is built to automate Suno with saved browser sessions while evading CAPTCHA/automation checks, and it accesses local cookies and API keys beyond what the metadata declares.
Avoid installing this skill unless you fully understand and accept the risks of automated CAPTCHA bypass, saved Suno browser sessions, local cookie extraction, and OpenRouter API usage. If you test it, use a dedicated Suno account and browser profile, remove saved cookies afterward, monitor OpenRouter charges, and do not use it on accounts you cannot risk losing.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
No VirusTotal findings for this skill version.
- Malicious: 0
- Suspicious: 0
- Harmless: 0
- Undetected: 66
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using this skill may violate Suno or hCaptcha anti-automation rules and could put the user's Suno account, credits, or access at risk.
The skill patches an hCaptcha challenger, screenshots CAPTCHA tiles, classifies them with a model, and clicks the selected tiles, showing automated CAPTCHA solving rather than ordinary browser automation.
install_hcaptcha_openrouter_patch() ... task_locator.screenshot(type="png", path=tile_path) ... should_click = await _classify_hcaptcha_tile(...) ... await self.click_by_mouse(task_locator)
Do not use automated CAPTCHA solving or anti-bot bypass flows; use an official Suno API or require a human to complete challenges directly.
The skill may cause automated actions to look like normal human browser activity, increasing account and policy risk.
The browser launch intentionally hides automation indicators and weakens sandboxing, which is consistent with anti-detection automation used alongside the CAPTCHA-solving flow.
ignore_default_args=["--enable-automation"], args=["--disable-blink-features=AutomationControlled", "--no-sandbox", "--disable-dev-shm-usage"] ... Object.defineProperty(navigator, 'webdriver', { get: () => undefined });
Remove stealth/anti-detection settings and avoid weakening browser sandboxing; make any browser automation transparent and user-controlled.
A copied Suno session cookie can let automation act as the logged-in user and consume credits or access account information.
The skill can read the user's live Chromium cookie database and extract Suno cookies, a high-impact session credential source not declared in the registry metadata.
DEFAULT_LIVE_CHROMIUM_COOKIE_DB = Path.home() / "snap" / "chromium" / "common" / "chromium" / "Default" / "Cookies" ... SELECT ... FROM cookies WHERE host_key LIKE '%suno.com%'
Require explicit opt-in before reading browser cookie stores, use a dedicated browser profile, declare the credential/config paths, and disable live browser cookie export by default.
The skill may spend the user's OpenRouter credits, or expose use of the user's OpenRouter account, for CAPTCHA solving without the credential requirement being clear at install time.
The code reads OpenRouter credentials from environment variables or the global OpenClaw .env file, while the skill metadata declares no required environment variables or primary credential.
for name in ("OPENROUTER_API_KEY", "OPENCLAW_OPENROUTER_API_KEY") ... OPENCLAW_ENV = Path.home() / ".openclaw" / ".env"
Declare OpenRouter credentials in metadata, ask for user approval before use, and avoid reading global credential files implicitly.
Images from the browser automation flow leave the local machine for a third-party AI provider, which may have privacy, cost, and account-policy implications.
CAPTCHA or page-derived screenshots are converted to image data URLs and sent to OpenRouter, but the SKILL.md does not clearly disclose this external data flow.
contents.append({"type": "image_url", "image_url": {"url": _image_to_data_url(image)}}) ... client.post("https://openrouter.ai/api/v1/chat/completions", headers={"Authorization": f"Bearer {self._api_key}"}, json=payload)
Document exactly what data is sent to OpenRouter, require explicit consent, and provide an option to disable third-party image solving.
The reviewed files do not fully describe which dependency versions will execute on the user's machine.
The runnable behavior depends on a local ~/.suno virtual environment that is not installed or pinned by the supplied artifacts.
PYTHON_BIN="${SUNO_PYTHON_BIN:-$HOME/.suno/venv/bin/python}" ... exec "$PYTHON_BIN" "$(dirname "$0")/generate_song.py" "$@"
Provide a complete install specification, dependency lockfile, and provenance for the Python runtime and packages.
