Last.fm
v1.0.2
Access Last.fm listening history, music stats, and discovery. Query recent tracks, top artists/albums/tracks, loved tracks, similar artists, and global charts.
⭐ 2· 2.5k·6 current·6 all-time
by Gustavo Madeira Santana @gumadeiras
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md implements a straightforward Last.fm read-only client (calls to user.getrecenttracks, gettopartists, chart endpoints, etc.), which aligns with the skill name/description. However, the registry metadata lists no required env vars or primary credential while the SKILL.md clearly requires LASTFM_API_KEY and LASTFM_USER — an inconsistency between description and declared requirements.
Instruction Scope
The instructions tell the agent to read two environment variables and optionally a ~/.clawdbot/.env file (for API key and username). That is expected for an API client, but SKILL.md also contains a contradictory line ('No auth needed for read-only end') despite listing LASTFM_API_KEY as required. The SKILL.md otherwise only issues GET requests to Last.fm endpoints (via curl) and JSON-processing tips — it does not request unrelated files or credentials.
Install Mechanism
This is an instruction-only skill with no install spec and no code files; nothing is written to disk by an installer. That is the lowest-risk install mechanism.
Credentials
The only secrets the SKILL.md asks for are LASTFM_API_KEY and LASTFM_USER — appropriate and proportionate for a Last.fm client. The problem is the registry metadata does not declare these environment variables (or a primaryEnv), so the platform-level declaration and the runtime instructions disagree.
Persistence & Privilege
The skill does not request always:true, does not include an install that modifies other skills or system-wide settings, and is user-invocable only. There are no elevated persistence or privilege requests in the package.
What to consider before installing
This skill appears to be a simple Last.fm read-only client, but the package metadata does not list the environment variables the SKILL.md requires. Before installing: (1) confirm the skill's source or homepage (none provided) and prefer skills from known authors; (2) treat LASTFM_API_KEY as a secret — store it in a secure secrets store or the agent's credential manager rather than a world-readable ~/.clawdbot/.env file; (3) verify the skill's registry entry is updated to declare LASTFM_API_KEY as the primary credential and LASTFM_USER as required; (4) note the SKILL.md uses http:// for the base URL — prefer https:// when making API calls; and (5) if you need higher assurance, ask the publisher for a link to source code or a checksum of the SKILL.md so you can inspect changes. The present issues look like sloppy metadata/documentation rather than overtly malicious behavior, but the metadata/instruction mismatch is material and should be resolved before trusting the skill with your API key.
Like a lobster shell, security has layers — review code before you run it.
latestvk977gg6qygxa4ybh118nt1mtk57zesjm
