v1.0.1

DJ set ripper

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:48 AM.

Analysis

The skill is mostly purpose-aligned, but it should be reviewed because untrusted tracklist text can drive local filename changes without adequate sanitization.

Guidance: Before installing, review the external dj-mp3-sourcer dependency and downloader tools, use trusted URLs, inspect the extracted tracklist before downloads, and avoid running the filename normalizer until artist/title sanitization is added.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium. Confidence: High. Status: Concern.
scripts/normalize-filenames.sh
TARGET="${ARTIST} - ${TITLE}.mp3" ... mv "$MATCH" "$DIR/$TARGET"

Artist and title values are read from the supplied tracklist JSON and used directly in a destination path. The script does not strip slashes, '..', control characters, or other unsafe filename components before moving files.

User impact: A crafted or malformed tracklist could rename or move downloaded MP3s outside the expected set folder, create confusing filenames, or disrupt the normalization step.
Recommendation: Sanitize artist/title values before using them as filenames, reject path separators and traversal components, use a safe basename-only filename function, and consider non-overwriting moves such as mv -n --.
Agent Goal Hijack
Severity: Low. Confidence: Medium. Status: Note.
SKILL.md
Fetch the set URL and extract raw text (description, metadata, comments) ... Feed the raw page content to the model ... Raw content: """ {description_text} """

The skill intentionally feeds untrusted webpage and comment text into the model for parsing. That is purpose-aligned, but the artifacts do not add explicit guardrails telling the agent to treat embedded instructions as data only.

User impact: A malicious or noisy page description could influence the extracted tracklist and lead to wrong downloads or filenames.
Recommendation: Treat fetched page text strictly as untrusted data, validate the extracted JSON, and ask the user to confirm uncertain tracklists before launching downloads or renaming files.
Agentic Supply Chain Vulnerabilities
Severity: Low. Confidence: High. Status: Note.
SKILL.md
Same as [dj-mp3-sourcer](https://clawhub.ai/Robinnnnn/dj-mp3-sourcer) (yt-dlp, ffmpeg/ffprobe, spotdl). No additional dependencies.

The workflow depends on another skill and external downloader binaries whose exact versions and behavior are not included in these artifacts. This is disclosed and purpose-aligned, but provenance should be reviewed.

User impact: The actual download behavior depends partly on tools and an external skill outside this artifact set.
Recommendation: Review and trust the dj-mp3-sourcer skill and required tools before use, and prefer pinned, known-good installations.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low. Confidence: High. Status: Note.
SKILL.md
Use `sessions_spawn` to parallelize downloads (batch of 3-5 at a time to avoid rate limits)

The skill instructs the agent to spawn parallel download sessions. The artifacts also say to wait for all sub-agents before renaming, which helps scope the behavior, but multiple sessions still require careful coordination.

User impact: If the extracted tracklist is wrong, several downloads may happen in parallel before the user notices.
Recommendation: Keep batches small, pass only the minimum track query and output path to each spawned session, wait for completion, and review the final log before further actions.