ClawHub

Music Discovery Guide

v1.0.0

Generates personalised music recommendations based on mood, genre, artist, or activity. Supports both mainstream discovery and underground/niche artist explo...

0· 74·0 current·0 all-time
by@tetsuakira-vk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, README, and SKILL.md all describe the same capability (personalised music curation). The skill declares no binaries, no env vars, and no primary credential, which is proportionate for a purely generative curation skill. Note: the registry metadata lists source as unknown and homepage none, so maintainership and provenance cannot be verified from the manifest.
Instruction Scope
SKILL.md instructs the agent only on how to generate recommendations, clarifying questions to ask, output formats, and hard rules like 'never fabricate artists, albums, or tracks.' It does not instruct reading files, environment variables, system config, or sending data to external endpoints.
Install Mechanism
The skill is instruction-only (no install spec or code files) so nothing is written to disk by the skill itself — low installation risk. The README contains an example 'npx clawhub@latest install tetsuakira-vk/music-discovery' command; if a user runs that, it will fetch and install code from the network, so users should inspect any fetched package before running it. The registry scan had no code to analyze.
Credentials
No environment variables, credentials, or config paths are requested; this is appropriate for a purely curation-focused instruction-only skill.
Persistence & Privilege
Skill is not marked 'always' and is user-invocable with normal autonomous invocation allowed. It does not request permission to modify other skills or system settings; no elevated persistence is requested.
Assessment
This skill appears coherent and low-risk: it only contains instructions for producing music recommendations and asks for no credentials. However, note that the registry lists no source/homepage and the README's install command (npx clawhub ...) would fetch code from the network if you choose to run it — inspect any package you download before executing. Also remember LLMs can hallucinate despite the 'never fabricate' rule: verify obscure artist/album claims (especially availability notes) before relying on them or sharing them publicly.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f7nwvz3r4yx0q8m2j3c5p4n83k3kt

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments