AI-Music-Stream

v1.0.4

Generate AI music from text prompts and stream continuously in-browser with a shareable player URL; all tracks are saved locally in a library.

⭐ 0· 116·0 current·0 all-time

byJu-Chiang Wang@asriverwang

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for asriverwang/musestream.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "AI-Music-Stream" (asriverwang/musestream) from ClawHub.
Skill page: https://clawhub.ai/asriverwang/musestream
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install musestream

ClawHub CLI

Package manager switcher

npx clawhub@latest install musestream

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The skill's description and SKILL.md describe a Sonauto-backed music generator and local streaming server. However the registry metadata lists no required environment variables or primary credential, while the code and SKILL.md clearly require a Sonauto API key (SONAUTO_API_KEY) and a config.json. This discrepancy between what is declared and what is actually required is incoherent and should be corrected.

Instruction Scope

Most runtime instructions stay within the stated purpose (start server, call /start, save files). However the docs explicitly encourage replacing 'localhost' with an external IP or using tunnels/reverse proxies to expose the service and recommend the agent perform substitutions — this increases the risk of unwanted external exposure. The SKILL.md also tells the agent to collect contextual info (time, weather, location, traffic, mood) to craft prompts; collecting location/traffic data is privacy-sensitive and should be limited to what the user consents to. Overall the instruction set gives broad discretion to expose the server externally and to collect contextual data, which is beyond a minimal local music-generator scope.

✓

Install Mechanism

This is an instruction-and-code skill (no packaged install). It requires pip installing two common packages (flask, requests) from PyPI and running the included Python script. There are no downloads from unknown hosts, no archive extraction, and the restart script simply runs the included Python program via nohup — install risk is moderate-to-low but you should still review code before running.

Credentials

The code expects and uses SONAUTO_API_KEY (and optional MUSESTREAM_* config values stored in config.json) but the skill metadata declares no required env vars or primary credential. The server will persist logs (log.jsonl) and save generated audio to a user-specified directory. The messenger-bot integration mentioned in docs would likely require additional tokens, but no bot tokens are requested or declared. Requiring an API key and writing files is reasonable for this functionality, but the omission from declared requirements and lack of explicit guidance for secure secret storage is concerning.

ℹ

Persistence & Privilege

The skill does not request elevated platform privileges and is not always-enabled. It runs a local Flask server, writes saved audio and a JSONL log to the selected output directory, and starts itself via a simple restart script. The biggest persistence/privilege risk is network exposure: the README/SKILL.md encourage exposing the local server (substituting external IP or using tunnels) which materially increases blast radius if done without authentication and TLS. The skill itself does not automatically modify other agent/system configs.

What to consider before installing

Before installing: (1) Understand the missing declaration — the code requires a Sonauto API key (SONAUTO_API_KEY) via config.json or env, but the skill metadata lists none; do not share keys publicly or commit them to source control. (2) Review the musestream_server.py and restart script locally before running; the server will save generated audio and a log file in your chosen directory. (3) Do NOT expose the server to the internet without protections: add token-based auth, TLS reverse proxy, IP firewall rules, and rate-limiting as suggested in the README. (4) Be cautious about providing sensitive context (location, traffic) to the agent; limit context to what you consent to share. (5) If you plan messenger integration, expect to provide additional bot tokens — verify where and how those tokens are stored. (6) Ask the skill owner/registry to update the declared required env/credentials to reflect SONAUTO_API_KEY and any other secrets the code actually needs. If you are uncomfortable with these mismatches or exposing a local server, run the skill in an isolated environment (VM/container) or decline installation.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f62v5e8gvtbhy94a86sz6yd83kc7z

116downloads

0stars

5versions

Updated 1mo ago

v1.0.4

MIT-0

MuseStream Skill

AI music generation and streaming. Give the user a shareable player URL — music generates and plays continuously in their browser. All songs are saved to a local library.

Provider-agnostic — Sonauto is the default. Adding new music generation APIs requires only a config entry.

Features

Continuous streaming player — Agent sends user a URL; browser streams AI-generated music song after song with no interruption
Auto-queue — Automatically requests the next song after 120 seconds of playback while the browser window stays active; click "Stop Stream" or close the window to stop queuing and save your Sonauto credits
Shareable links — Player URLs can be shared externally; expose the server via a reverse proxy (e.g., Nginx, Caddy) or a tunnel (e.g., ngrok, Cloudflare Tunnel) with HTTPS and authentication to keep your stream secure
Context-aware prompts — The agent uses its own LLM to interpret user intent and real-world context (weather, mood, activity, location, traffic) into effective music generation prompts; the server also provides a rule-based fallback via /api/context
Persistent library — All generated songs are saved locally with metadata (title, tags, lyrics) and browsable via a built-in player
Mobile context UI — Form at /context-ui for sharing context from any device
Background save on stop — Clicking Stop finishes saving the current song before ending
Messenger bot integration — Connect MuseStream to your messaging bots (Telegram, Discord, Slack, etc.) so you can request AI music streams directly from a chat message and receive a playable link in reply

[!CAUTION] Remember to click Stop Stream or close the browser window when you're done listening. The auto-queue will keep requesting new songs every 120 seconds, which consumes your Sonauto credits.

Setup for Agent (first time)

0. Clone the repo

git clone https://github.com/asriverwang/openclaw-musestream.git ~/.openclaw/skills/openclaw-musestream

All subsequent commands assume MuseStream is located at ~/.openclaw/skills/openclaw-musestream. Adjust paths if you cloned it elsewhere.

1. Get Sonauto API key

Guide the user to sign up at https://sonauto.ai and copy their API key.

2. Configure environment

Once the user provides their key:

cp config.example.json config.json

Set the values in config.json:

{
  "SONAUTO_API_KEY": "<user's key>",
  "MUSIC_PROVIDER": "sonauto",
  "MUSESTREAM_OUTPUT_DIR": "<user's preferred path>",
  "MUSESTREAM_PORT": <user's preferred port>
}

Ask the user where they want generated songs saved. If they don't specify, remind them the default is ~/Music/MuseStream. Ask the user which port to use. If they don't specify, remind them the default is 5001. The agent should pick an available port to avoid conflicts.

3. Install dependencies

pip install -r requirements.txt

4. Start the server

./restart_musestream.sh
# Server at http://localhost:5001

The server loads config.json automatically at startup.

Quick start for agent

1. Check if server is running

curl -s http://localhost:5001/library | python3 -m json.tool | head -5

If it returns JSON → server is up. If connection refused → start it:

./restart_musestream.sh

2. Quick test

curl "http://localhost:5001/start?prompt=upbeat+indie+rock+morning+energy"

3. Generate music from a prompt

GET http://localhost:5001/start?prompt=<url-encoded description>

Returns { "url": "http://localhost:5001/player?s=<key>", "key": "...", "prompt": "..." }

Important: The agent must interpret and refine the user's prompt before calling /start. The server passes the prompt directly to Sonauto — it does not rewrite it. If the user says something non-musical (e.g., "a rock song about turtles flying", "music for a rainy afternoon"), the agent should use its own LLM to convert it into an effective music generation prompt describing artist, genre, era, mood, energy, usage context, and sonic texture.

Send the url to the user. They open it in a browser — music streams automatically.

Prompt guidelines for the agent:

If the prompt includes artist names, genres, or musical descriptors → pass through or improve slightly
Describe genre, era, mood, energy, usage, texture. No real song names.
Non-musical input → interpret and rewrite (e.g., "turtles flying" → "energetic rock with soaring melodies, playful and whimsical, bright guitar riffs")
Already-musical input → pass through or improve slightly
Examples of good prompts:
- "upbeat indie rock with jangly guitars, morning energy"
- "dark ambient electronic, late night focus, minimal percussion"
- "smooth jazz piano trio, warm and intimate, chill evening"

4. Generate from user context

Preferred approach: The agent should gather context from the user (time, weather, mood, activity, etc.), use its own LLM to synthesize a music prompt, and call /start?prompt=... directly.

Fallback: The server provides a rule-based context-to-prompt endpoint:

POST http://localhost:5001/api/context
Content-Type: application/json

{
  "time": "evening",
  "weather": "rainy",
  "mood": "relaxed",
  "activity": "working from home",
  "driving": "",
  "traffic": "",
  "destination": ""
}

Returns { "url": "...", "prompt": "<rule-based music prompt>", "key": "..." }

Mobile-friendly form: http://localhost:5001/context-ui (uses the rule-based engine)

5. Browse the library

GET http://localhost:5001/library      # JSON list of all saved songs
GET http://localhost:5001/             # Browser library player

6. Stop streaming

POST http://localhost:5001/stop
{"task_ids": ["<task_id>"]}

Current song finishes saving before stopping.

All endpoints

Endpoint	Method	Description
`/start?prompt=...`	GET	Create session → player URL
`/player?s=<key>`	GET	Streaming player page
`/generate?prompt=...&session=...`	GET	Start generation job
`/status/<task_id>`	GET	Check generation status
`/stream/<task_id>`	GET	Audio stream
`/metadata/<task_id>`	GET	Title, tags, lyrics
`/stop`	POST	Stop tasks `{"task_ids": [...]}`
`/api/context`	POST/GET	Context → prompt → player URL
`/context-ui`	GET	Mobile context form
`/library`	GET	JSON list of saved songs
`/files/<filename>`	GET	Serve saved audio (range-capable)
`/`	GET	Library player UI

Adding a new provider

Add an entry to PROVIDERS in musestream_server.py:

"myprovider": {
    "name":         "MyProvider",
    "register_url": "https://myprovider.com",
    "key_env":      "MYPROVIDER_API_KEY",
    "generate_url": "https://api.myprovider.com/v1/generate",
    "stream_base":  "https://api.myprovider.com/v1/stream",
    "status_url":   "https://api.myprovider.com/v1/status",
    "meta_url":     "https://api.myprovider.com/v1/songs",
    "audio_fmt":    "mp3",
    "mime":         "audio/mpeg",
},

Add a branch in start_generation() for the provider's payload format. Set "MUSIC_PROVIDER": "MyProvider" and "MYPROVIDER_API_KEY": "<your_key>" in config.json and restart.

Comments

Loading comments...