ClawHub

Lidarr

v1.0.0

Search and add music to Lidarr. Supports artists, albums, and quality profiles (FLAC preferred).

2· 1.5k·5 current·6 all-time
by@rappo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description ask to search/add music to Lidarr. The shipped script calls the Lidarr HTTP API (via a user-provided url and apiKey in ~/.clawdbot/credentials/lidarr/config.json) and uses only curl/jq as declared — coherent with the stated purpose.
Instruction Scope
SKILL.md instructs creating a local config file with Lidarr URL and API key and then running the included bash script. The script only reads that config file and makes HTTP calls to the configured Lidarr API endpoints; it does not read other unrelated system files or environment variables in the shown portion.
Install Mechanism
No install spec — it's instruction-only with an included script. It requires standard CLI tools (curl, jq) already declared. There are no downloads or archive extraction steps.
Credentials
No environment variables or unrelated credentials are requested. The only secret is the Lidarr API key stored in the local JSON config file, which is appropriate and proportional for a local Lidarr controller script.
Persistence & Privilege
always is false and the skill does not request system-wide changes in the visible code. There is nothing that indicates it modifies other skills or global agent settings.
Assessment
This skill appears coherent and limited to controlling a Lidarr instance, but check these before installing: - Inspect the full scripts/lidarr.sh file yourself (the provided listing was truncated) to confirm there are no unexpected network endpoints or commands in the remaining sections. - The skill requires storing your Lidarr API key in ~/.clawdbot/credentials/lidarr/config.json; ensure that file has restrictive permissions (chmod 600) and that the configured url points to a trusted Lidarr instance on your network. - Because the script issues HTTP requests to whatever URL you configure, do not point it at unknown or public hosts you don't control. If you suspect misuse, revoke the Lidarr API key and recreate a new one. - If you need greater assurance, run the script in a restricted environment (container or isolated user) so the scope of access is limited.

Like a lobster shell, security has layers — review code before you run it.

latestvk971ajbr3npd8hj3x22wkrzgb980jr34

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎵 Clawdis
Binscurl, jq

Comments