Tme Openapi Review
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a real TME API client, but it automatically installs browser automation dependencies and stores a long-lived TME login session that can be used to call arbitrary TME operator APIs.
Use this only if you trust the skill source and are comfortable with it installing Playwright/Chromium, storing TME login cookies and tokens under ~/.tme-login, and letting the agent call TME operator APIs. Review each operator before invoking it, especially if it may change account or business data.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill may download and execute third-party package/browser code before the TME API workflow can proceed.
The login flow can install an unpinned PyPI package and Chromium browser binary at runtime; this is not represented by an install spec and modifies the current Python environment outside a pinned/reviewed install process.
[sys.executable, "-m", "pip", "install", "playwright"] ... [sys.executable, "-m", "playwright", "install", "chromium"]
Use a reviewed install step with pinned dependency versions, document the browser download in metadata, and ask the user before runtime installation.
Anyone or any later agent process with access to this local account can potentially reuse the cached TME session/token to act through the skill.
The skill obtains and persists a reusable TME web session and API token for about 30 days. This is purpose-aligned, but it grants ongoing account authority and the registry metadata declares no primary credential or required config paths.
`~/.tme-login/storage_state.json` | Full Playwright storage state (cookies + localStorage) ... `~/.tme-login/token.json` | `tmeHeaderToken` snapshot ... Token valid for about 30 days
Install only on a trusted machine, protect ~/.tme-login, clear the cache when done, and declare the credential/session storage requirements in metadata.
If an available TME operator changes account, business, release, promotion, or other data, the agent could trigger that action under the user's account without a skill-level safety boundary.
Any supplied operatorCode and JSON arguments are sent to the generic invokeApi endpoint using the cached TME token. The artifacts do not bound which operators are safe, require confirmation for side-effecting operators, or provide rollback/containment.
payload = json.dumps({"name": api_name, "arguments": json.loads(arguments)}).encode("utf-8") ... url = f"{base_url}/musician/agent/operator/invokeApi"
Review operator details before invoking, add allowlists or read-only defaults where possible, and require explicit user confirmation for operators that can modify data or publish results.
