Kannaka Radio
Warn
Audited by ClawScan on May 18, 2026.
Overview
The skill is mostly a disclosed local radio server, but its launcher points outside the packaged skill to run unreviewed server code and its metadata mentions an embedded Flux token fallback.
Review the package before installing or starting it. Confirm that the intended server/index.js, server modules, package.json, and dependencies are present and that scripts/radio.sh does not point outside the installed skill. Use your own Flux token only if you want remote publishing, and run the WebSocket radio server only on a trusted local network.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Starting the skill could run code that was not packaged or reviewed with this skill, and in some install layouts could execute an unintended local server/index.js with the user's privileges.
The launcher runs a Node server from three directories above the skill directory, while the supplied manifest does not include server/index.js or the claimed server modules. That places the main runtime code outside the reviewed artifact boundary.
RADIO_DIR="$(cd "$SKILL_DIR/../../.." && pwd)" # repo root
SERVER_JS="$RADIO_DIR/server/index.js"
...
node "$SERVER_JS" --port "$PORT" "${extra_args[@]}" &
Do not start the skill until the package includes the intended server code and package files, or until the launcher is changed to resolve only inside the installed skill directory.
The skill may publish now-playing data to Flux using a shared or built-in credential rather than an explicit user-provided token, reducing user control over account identity and remote publishing.
The metadata discloses an embedded fallback credential for Flux publishing, even though Flux is described as optional and conditioned on FLUX_TOKEN use.
"FLUX_TOKEN reads from process.env.FLUX_TOKEN with embedded fallback — set env var for production"
Remove the embedded fallback and require an explicit user-set FLUX_TOKEN or a clear opt-in before any Flux publishing occurs.
Anyone who can reach the service may be able to observe radio state or participate in agent-facing message flows, depending on the server behavior.
The skill intentionally exposes unauthenticated WebSocket communication for its radio/agent features.
"WebSocket connections are unauthenticated — intended for local / trusted network use"
Run it only on localhost or a trusted network, and add authentication or firewall rules before exposing it beyond the local machine.
