ClawARR Suite
Review
Audited by ClawScan on May 10, 2026.
Overview
ClawARR Suite is coherent for media-stack management, but it includes broad control, API-key extraction, external tracker syncing, and Cloudflare-bypass guidance that users should review carefully.
Install only if you want an agent to manage your media stack. Run setup carefully, protect generated API keys, require previews for destructive or bulk actions, and be especially cautious with tracker sync and Cloudflare-bypass workflows.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your Sonarr/Radarr/Plex/Tautulli/SABnzbd and related service credentials could be exposed to the agent session or logs during setup.
The setup flow explicitly extracts and prints service API keys. That is purpose-aligned, but high-impact because those keys can control media services and may be exposed in terminal/chat logs unless redaction and storage behavior are clear.
This auto-discovers services, extracts API keys, verifies connections, and outputs your config.
Run setup manually if possible, avoid pasting secrets into shared chats, review generated config before storing it, and rotate any keys that may have been exposed.
A user may underestimate when their viewing history, ratings, watchlists, or library information could be sent to external tracker services.
The privacy claim is ambiguous because the same skill documents third-party tracker syncing of watch activity. Even if the syncing is user-directed, the artifacts should clearly distinguish the claim of no hidden telemetry from intentional third-party sharing.
No telemetry/exfiltration paths: scripts do not transmit credentials or library data to third-party endpoints. ... Track and sync what you watch across services like Trakt.tv, Letterboxd, Simkl
Treat tracker sync as third-party data sharing; only enable it when you understand which data is sent and under which account.
Using this workflow may automate access to protected third-party sites in ways they do not permit.
The documentation explicitly describes bypassing Cloudflare/bot-protection for indexers. This is not hidden, but it is materially risky and may violate third-party service rules.
FlareSolverr — Cloudflare Bypass ... Proxy that solves Cloudflare challenges. Some indexers use Cloudflare protection that blocks automated access. ... It auto-handles challenges.
Avoid enabling FlareSolverr or similar bypass tooling unless you have a legitimate, permitted use and understand the legal and account risks.
Mistaken prompts or agent choices could add unwanted media, approve requests, pause downloads, or remove items.
Broad mutation authority is central to the stated purpose and is disclosed, but it can change downloads, requests, libraries, and service state.
gives your AI assistant full operational control over your entire *arr media stack ... Content Management | Add/remove movies & series ... Request Handling | Overseerr approval workflows, stats, bulk actions
Ask the agent to preview planned changes before approving actions that add, remove, approve, deny, pause, resume, or clean up content.
Your viewing activity, ratings, watchlists, or library-derived information may be shared with third-party tracker accounts.
The skill integrates with external tracker providers and can move viewing-history and account data between services. This is disclosed and purpose-aligned, but privacy-sensitive.
Sync my Plex watch history to Trakt ... Trakt.tv | Auth, history, ratings, watchlists, scrobbling, discovery, sync
Use tracker sync only for accounts you trust, and verify which direction each sync/export/import command uses before running it.
If configured, the agent may be able to run operational commands against your NAS or Docker host.
The skill is bash-script based and documents optional SSH-based control of companion services. This is expected for the media-management purpose, but it expands impact from local API calls to remote server operations.
SSH access for Docker-based companion services ... export RECYCLARR_SSH=mynas ... export KOMETA_SSH=mynas ... export UNPACKERR_SSH=mynas
Use a limited SSH account where possible, review commands before remote execution, and avoid configuring SSH access unless you need those companion-service workflows.
