Tme Openapi
Advisory
Audited by static analysis on May 9, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill may download and execute third-party package/browser code before the TME API workflow can proceed.
The login flow can install an unpinned PyPI package and Chromium browser binary at runtime; this is not represented by an install spec and modifies the current Python environment outside a pinned/reviewed install process.
`[sys.executable, "-m", "pip", "install", "playwright"]` ... `[sys.executable, "-m", "playwright", "install", "chromium"]`
Use a reviewed install step with pinned dependency versions, document the browser download in metadata, and ask the user before runtime installation.
Anyone, or any later agent process, with access to this local account can potentially reuse the cached TME session/token to act through the skill.
The skill obtains and persists a reusable TME web session and API token for about 30 days. This is purpose-aligned, but it grants ongoing account authority and the registry metadata declares no primary credential or required config paths.
`~/.tme-login/storage_state.json` | full Playwright storage state (cookies + localStorage) ... `~/.tme-login/token.json` | `tmeHeaderToken` snapshot ... token valid for about 30 days
Install only on a trusted machine, protect ~/.tme-login, clear the cache when done, and declare the credential/session storage requirements in metadata.
If an available TME operator changes account, business, release, promotion, or other data, the agent could trigger that action under the user's account without a skill-level safety boundary.
Any supplied operatorCode and JSON arguments are sent to the generic invokeApi endpoint using the cached TME token. The artifacts do not bound which operators are safe, require confirmation for side-effecting operators, or provide rollback/containment.
`payload = json.dumps({"name": api_name, "arguments": json.loads(arguments)}).encode("utf-8")` ... `url = f"{base_url}/musician/agent/operator/invokeApi"`
Review operator details before invoking, add allowlists or read-only defaults where possible, and require explicit user confirmation for operators that can modify data or publish results.
