Skill v1.0.0

ClawScan security

win-music-skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 10, 2026, 9:59 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions require the third-party Windows utility 'nircmd' and have the agent run cmd commands that send keypresses through it, but the skill metadata declares neither this dependency nor any OS constraint. That mismatch between declared and actual behavior is incoherent and potentially risky.
Guidance
This skill's instructions invoke the Windows utility 'nircmd' to send keypresses, but the package metadata lists neither that dependency nor an OS requirement. Before installing: confirm you run Windows and are willing to install nircmd from its official source; understand that nircmd can do far more than send keypresses (it can run commands and change system state), so only install it from a trusted site and pin the exact binary you vetted. Prefer skills that declare their required binaries and provide installation steps, or that use built-in APIs. If you proceed, test in a safe environment and verify the exact command lines the agent will run before letting it run them.

Review Dimensions

Purpose & Capability
concern: The name/description say 'control music playback', which is reasonable, but the runtime instructions call the external tool 'nircmd' to send keypresses. The skill metadata declares no required binaries and no OS restriction; nircmd is a Windows-only utility and should be listed as a required binary or install step. The undeclared dependency and the unstated OS assumption are inconsistent with what the metadata leads a user to expect.
Instruction Scope
concern: SKILL.md instructs the agent to run cmd commands that invoke 'nircmd sendkeypress' to emulate keyboard shortcuts. While sending media keys aligns with controlling music, these instructions require executing shell commands and depend on an external tool. There is no guidance on where nircmd must be installed, no validation of its path or integrity, and no restriction on which nircmd subcommands may be used; giving the agent that much discretion to execute system commands is a scope concern.
Install Mechanism
note: There is no install spec (instruction-only), which is lower risk in general. However, because the instructions rely on a specific third-party binary (nircmd), the absence of an install step or explicit dependency declaration is a missing piece: users must manually obtain nircmd for the skill to work. The skill should either declare the binary requirement or provide installation instructions from a trustworthy source.
Credentials
ok: The skill requests no environment variables, credentials, or config paths, which is appropriate for a simple local media control skill.
Persistence & Privilege
ok: The skill is not always-on, does not request special platform privileges in metadata, and is user-invocable only. That level of persistence is appropriate for this functionality.
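The safeguards the Guidance and the Instruction Scope dimension say are missing (an OS check, a pinned and integrity-checked nircmd path, an allow-list of permitted commands, and a preview of the exact command line) can be made concrete in a small wrapper. The script below is an added example written for this review; it is not part of win-music-skill or of ClawHub. It assumes nircmd.exe was installed under Program Files\nircmd, that you recorded the SHA-256 of the copy you downloaded from the official NirSoft site (the hash here is a placeholder), and that nircmd's sendkeypress accepts Win32 virtual-key codes in hex.

```powershell
# Invoke-MediaKey.ps1 (added example, not the skill's own code)
# Run a single media keypress through nircmd only after the checks the
# ClawScan report found missing have passed.
[CmdletBinding(SupportsShouldProcess)]
param(
    # Only these four actions are allowed; anything else is rejected by the binder.
    [Parameter(Mandatory)]
    [ValidateSet('play_pause', 'next', 'prev', 'stop')]
    [string]$Action,

    # Pin the binary to an explicit path instead of trusting PATH lookup.
    # Assumption: nircmd was installed here; adjust to your own install location.
    [string]$NircmdPath = "$env:ProgramFiles\nircmd\nircmd.exe",

    # SHA-256 of the nircmd.exe you vetted. PLACEHOLDER: replace with the hash
    # of the binary you downloaded from the official site.
    [string]$ExpectedSha256 = '0000000000000000000000000000000000000000000000000000000000000000'
)

# 1. OS constraint the skill metadata never declared.
#    Windows PowerShell (major version < 6) only runs on Windows; PowerShell 6+
#    exposes $IsWindows on every platform.
$onWindows = ($PSVersionTable.PSVersion.Major -lt 6) -or $IsWindows
if (-not $onWindows) {
    throw 'nircmd is a Windows-only utility; refusing to run on this OS.'
}

# 2. The binary must exist at the pinned path and match the recorded hash.
if (-not (Test-Path -LiteralPath $NircmdPath -PathType Leaf)) {
    throw "nircmd.exe not found at '$NircmdPath'. Install it from the official NirSoft site first."
}
$actualSha256 = (Get-FileHash -LiteralPath $NircmdPath -Algorithm SHA256).Hash
if ($actualSha256 -ne $ExpectedSha256) {
    throw "nircmd.exe hash mismatch (expected $ExpectedSha256, got $actualSha256). Not running it."
}

# 3. Allow-list: the wrapper can only emit 'sendkeypress' with one of four
#    media virtual-key codes, never an arbitrary nircmd subcommand.
#    Assumption: this build of nircmd accepts hex VK codes for sendkeypress.
$mediaKeys = @{
    play_pause = '0xB3'   # VK_MEDIA_PLAY_PAUSE
    next       = '0xB0'   # VK_MEDIA_NEXT_TRACK
    prev       = '0xB1'   # VK_MEDIA_PREV_TRACK
    stop       = '0xB2'   # VK_MEDIA_STOP
}
$argList = @('sendkeypress', $mediaKeys[$Action])

# 4. Show the exact command line before running it; -WhatIf prints it and stops.
$commandLine = "`"$NircmdPath`" $($argList -join ' ')"
if ($PSCmdlet.ShouldProcess($commandLine, 'Send media keypress via nircmd')) {
    # Start-Process -Wait works for GUI-subsystem executables as well, so the
    # exit code is available even if nircmd has no console.
    $proc = Start-Process -FilePath $NircmdPath -ArgumentList $argList -Wait -PassThru -NoNewWindow
    if ($proc.ExitCode -ne 0) {
        throw "nircmd exited with code $($proc.ExitCode)"
    }
}
```

Run `.\Invoke-MediaKey.ps1 -Action play_pause -WhatIf` first: it performs the OS, path and hash checks and prints the command line it would execute without executing it, which is the "verify the exact commands the agent will run" step from the Guidance. Because the only executable is the pinned, hash-checked nircmd.exe and the only arguments come from a four-entry table, an agent following the skill cannot be steered into nircmd's other capabilities through this wrapper.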