Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Media Cli Local
v1.0.0Single-file bash CLI for the *arr media stack. Manage Sonarr, Radarr, Prowlarr, qBittorrent, Bazarr, Jellyseerr, and Tdarr from the terminal or via AI agents...
⭐ 0· 65·0 current·0 all-time
bySolomon Neas@solomonneas
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The SKILL.md describes a local CLI for Sonarr/Radarr/Prowlarr/qBittorrent/Bazarr/Jellyseerr/Tdarr which coherently explains why it needs bash, curl, and python3. However the registry metadata lists no required binaries or credentials, which is inconsistent with the documented requirements and setup behavior.
Instruction Scope
Instructions tell the agent/user to git clone an external GitHub repo, run the script, and run an interactive 'media setup' that collects API URLs and keys and writes them to ~/.config/media-cli/config. The SKILL.md claims 'localhost only' and 'no telemetry', but there is no packaged code in this skill for us to verify those assertions. The instructions also direct cloning and execution of external code — the agent could be told to run those commands and would download and execute third-party code.
Install Mechanism
There is no install spec in the registry (instruction-only). The SKILL.md instructs cloning from https://github.com/solomonneas/media-cli and copying a script into PATH. Downloading and executing code from GitHub is common but not vetted by the registry — the install step is external to the skill and should be reviewed/counted as an explicit external download by the user.
Credentials
The skill will ask for many local service API URLs and keys (Sonarr/Radarr/Prowlarr/qBittorrent/etc.) and stores them in ~/.config/media-cli/config, but the registry metadata declares no required credentials or primaryEnv. The absence of declared credentials is a mismatch; users should expect to provide and protect multiple service API keys even if they are local-only.
Persistence & Privilege
always is false and the skill does not request permanent platform presence. The only persistent action described is writing a local config file (chmod 600) which is normal for a CLI; there is no evidence it modifies other skills or global agent settings.
Scan Findings in Context
[no_regex_findings] expected: The static regex scanner found no matches — expected because this is an instruction-only skill with no bundled code. This absence does not verify the external repository the instructions ask you to git clone.
What to consider before installing
This skill points you to an external GitHub script and tells you to run it locally and enter API URLs/keys for many local services. Before installing or running anything: 1) Manually inspect the repository and the single bash script (or ask the author for a specific commit/sha) — do not run arbitrary scripts without review. 2) Verify the script's network behavior (ensure calls are truly localhost-only and there's no telemetry/exfiltration). 3) Treat the setup wizard as sensitive: only enter API keys for services you control locally, and verify the config file permissions (chmod 600). 4) If you want the registry metadata to match practice, request the skill author add declared binaries (bash, curl, python3) and list that API keys will be required. 5) If you allow an AI agent to run this skill autonomously, be aware it will execute shell commands that download and run external code — only permit that after code review.Like a lobster shell, security has layers — review code before you run it.
latestvk972xmd867wbrjgv7n5j4tgrsn83any8
License
MIT-0
Free to use, modify, and redistribute. No attribution required.