Back to skill

Security audit

Netease Music Pusher

Security checks across malware telemetry and agentic risk

Overview

The skill does what it says, but it saves reusable Netease login cookies locally while underplaying that they are sensitive account credentials.

Review before installing. Use it only if you are comfortable storing Netease session cookies on disk, protect or delete /root/.openclaw/workspace/secrets/netease_cookies.json when needed, avoid entering phone numbers or SMS codes in shared terminals, and add the cron job only if you want recurring automated account access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The client persists authentication cookies to a fixed file path under /root without any encryption, permission hardening, expiry handling, or user disclosure. If the host is shared or compromised, those cookies can be reused to access the user's music account session and personalized data without re-authentication.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README instructs users to log in with a phone number and SMS verification code and later states that authenticated cookies are saved locally, but it does not clearly warn that these values are sensitive authentication material. This can lead users to expose credentials in shell history, screenshots, shared terminals, or poorly protected local files, increasing the risk of account takeover if the cookies are copied.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
文档明确说明会将登录后的 Cookies 保存到本地文件 `secrets/netease_cookies.json`,但没有提示这等同于持久化账号会话凭据。若该文件被其他本地用户、备份系统或日志/同步工具读取,攻击者可能复用会话访问用户的网易云账号能力,带来隐私泄露和账号滥用风险。

Missing User Warnings

Medium
Confidence
88% confidence
Finding
文档要求用户在命令行中输入手机号和短信验证码,这些都属于敏感个人信息或一次性认证信息,但没有提醒用户相关风险。命令行参数可能出现在 shell 历史、进程列表、审计日志或运维监控中,导致手机号泄露或验证码被短时间窃取并用于冒用登录。

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Login cookies are written to disk silently, so users are not informed that an authenticated session artifact is being retained after login. This increases the risk of unintended credential persistence and session theft, especially because the file is stored in a predictable secrets path and loaded automatically later.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.