v1.0.4

Music Creator

Review: ClawScan verdict for this skill. Analyzed May 2, 2026, 9:35 PM.

Analysis

The music-creation workflow is coherent, but it asks the agent to auto-install unpinned global/system packages and publish generated content through another skill without clear approval, while also requiring a MiniMax API key.

Guidance: Install only if you are comfortable giving the agent a MiniMax API key, letting it install npm/pip/apt dependencies, and potentially publishing generated music pages. Before first use, ask the agent to show every command, confirm package versions and install locations, and require explicit approval before deployment.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Medium · Confidence: High · Status: Concern
SKILL.md
The following dependencies are detected by the Agent on first run and installed automatically if missing, with no user involvement ... npm install -g mmx-cli ... pip install openai-whisper ... apt install ffmpeg ... pip install Pillow

The skill instructs the agent to automatically install unpinned third-party and system packages, including global npm, pip, and apt installs.

User impact: The agent could change the user's local environment or execute newly downloaded package code without a separate review step.
Recommendation: Require explicit user approval before each install, declare dependencies in metadata or an install spec, pin versions where possible, and avoid privileged/global installs unless necessary.
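A reviewer applying this recommendation wants a mechanical check rather than a reading of SKILL.md. The script below is an added example written for this review, not code from ClawScan or from the Music Creator skill: it scans instruction text for npm/pip/apt install commands and flags each package that is unpinned or installed system-wide, so an operator can see exactly which lines need an approval gate. The sample input is the four commands quoted in the finding, embedded as a constructed string; the pin syntax it recognises (name@1.2.3, name==1.2.3, name=1.2.3) is the standard form for each manager.

```python
import re
from dataclasses import dataclass

# Constructed sample input: the four install commands quoted from SKILL.md in
# the finding above, one per line, without the surrounding instruction text.
SKILL_EXCERPT = """
npm install -g mmx-cli
pip install openai-whisper
apt install ffmpeg
pip install Pillow
"""

INSTALL_RE = re.compile(
    r"^\s*(?:sudo\s+)?(?P<mgr>npm|pip3?|apt(?:-get)?)\s+install\s+(?P<rest>.+?)\s*$"
)

# What an exact version pin looks like for each package manager.
PIN_PATTERNS = {
    "npm": re.compile(r"@\d"),   # mmx-cli@1.2.3 (a leading @scope/ is not a pin)
    "pip": re.compile(r"=="),    # Pillow==10.3.0
    "apt": re.compile(r"=\S+"),  # ffmpeg=7:6.1.1-3
}


@dataclass
class Finding:
    command: str
    manager: str
    package: str
    pinned: bool
    global_scope: bool


def lint_installs(text: str) -> list[Finding]:
    """Return one Finding per package named in an install command in `text`."""
    findings: list[Finding] = []
    for line in text.splitlines():
        m = INSTALL_RE.match(line)
        if not m:
            continue
        mgr = {"pip3": "pip", "apt-get": "apt"}.get(m.group("mgr"), m.group("mgr"))
        tokens = m.group("rest").split()
        flags = [t for t in tokens if t.startswith("-")]
        packages = [t for t in tokens if not t.startswith("-")]
        if mgr == "npm":
            global_scope = "-g" in flags or "--global" in flags
        elif mgr == "pip":
            # Without --user or --target, pip writes to site-packages. An active
            # virtualenv would change that, but a static scan cannot see one.
            user_scoped = any(t == "--user" or t.startswith("--target") for t in flags)
            global_scope = not user_scoped
        else:
            global_scope = True  # apt always modifies the system
        for pkg in packages:
            findings.append(Finding(
                command=line.strip(),
                manager=mgr,
                package=pkg,
                pinned=bool(PIN_PATTERNS[mgr].search(pkg)),
                global_scope=global_scope,
            ))
    return findings


def report(findings: list[Finding]) -> list[str]:
    """One review line per finding; anything tagged here should need approval."""
    lines = []
    for f in findings:
        tags = []
        if not f.pinned:
            tags.append("UNPINNED")
        if f.global_scope:
            tags.append("GLOBAL")
        tags_str = "".join(f"[{t}]" for t in tags) or "[ok]"
        lines.append(f"{tags_str} {f.manager}: {f.package}    <- {f.command}")
    return lines


if __name__ == "__main__":
    for line in report(lint_installs(SKILL_EXCERPT)):
        print(line)
```

Run against the quoted excerpt, every one of the four commands is reported as both unpinned and global, which is the concrete basis for the "require approval before each install" recommendation. A command such as `pip install --user Pillow==10.3.0` passes clean, which shows what the skill author could declare instead.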
Tool Misuse and Exploitation
Severity: Medium · Confidence: High · Status: Concern
SKILL.md
Execute the following 7 steps in order ... register the index through deploy.py and push everything with sync_to_deploy()

The standard workflow ends by deploying the generated page and static assets through another skill, but the visible instructions do not require final user confirmation or destination review.

User impact: Generated lyrics, song files, cover art, and metadata may be published or synced to a configured site before the user has reviewed the final output.
Recommendation: Add an explicit approval gate before deployment, show the files and destination URL/configuration, and allow users to stop after local generation.
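What such an approval gate looks like in practice, as an added example written for this review (it is not the skill's deploy.py or sync_to_deploy(), whose internals the review does not show): the gate builds a manifest of every artifact with its size and SHA-256, prints it together with the destination, and publishes only if the user echoes the destination host exactly; any other answer stops the run after local generation with nothing sent. The sample files and the DESTINATION URL are constructed placeholders, and the publish callback stands in for whatever the other skill actually does.

```python
import hashlib
import tempfile
from pathlib import Path
from typing import Callable
from urllib.parse import urlparse

# Hypothetical destination; in the real skill this comes from the deploy configuration.
DESTINATION = "https://example.com/music/"


def make_sample_files(root: Path) -> list[Path]:
    """Constructed stand-ins for the artifacts the workflow produces."""
    samples = {
        "lyrics.txt": b"verse one\nchorus\n",
        "song.mp3": b"\xff\xfb\x90\x00" + b"\x00" * 64,    # fake MP3 frame header
        "cover.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 32,  # fake PNG signature
        "meta.json": b'{"title": "demo", "model": "MiniMax-M2.7"}',
    }
    paths = []
    for name, data in samples.items():
        p = root / name
        p.write_bytes(data)
        paths.append(p)
    return paths


def build_manifest(paths: list[Path]) -> list[dict]:
    """Record what would be published: name, size and SHA-256 of every file."""
    return [
        {"path": p.name, "bytes": p.stat().st_size,
         "sha256": hashlib.sha256(p.read_bytes()).hexdigest()}
        for p in paths
    ]


def render_preview(manifest: list[dict], destination: str) -> str:
    """The text the user sees before anything leaves the machine."""
    lines = [f"About to publish {len(manifest)} file(s) to {destination}"]
    lines += [f"  {e['bytes']:>8} B  {e['sha256'][:16]}...  {e['path']}" for e in manifest]
    host = urlparse(destination).netloc
    lines.append(f"Type the destination host ({host}) to confirm; anything else stops here.")
    return "\n".join(lines)


def gated_deploy(manifest: list[dict], destination: str,
                 confirm: Callable[[str], str],
                 publish: Callable[[list[dict], str], None]) -> bool:
    """Publish only on an exact echo of the destination host; otherwise stop after local generation."""
    answer = confirm(render_preview(manifest, destination)).strip()
    if answer != urlparse(destination).netloc:
        return False
    publish(manifest, destination)
    return True


def demo(answer: str) -> tuple[bool, list[str]]:
    """Run the gate on the constructed files with a scripted answer; return (approved, published names)."""
    published: list[str] = []
    with tempfile.TemporaryDirectory() as d:
        manifest = build_manifest(make_sample_files(Path(d)))
        approved = gated_deploy(
            manifest, DESTINATION,
            confirm=lambda preview: answer,
            publish=lambda m, dest: published.extend(e["path"] for e in m),
        )
    return approved, published


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        manifest = build_manifest(make_sample_files(Path(d)))
        approved = gated_deploy(manifest, DESTINATION, confirm=input,
                                publish=lambda m, dest: print(f"published {len(m)} file(s) to {dest}"))
    print("approved" if approved else "stopped after local generation")
```

Requiring the host to be typed, rather than a bare "y", forces the user to read the destination line, which is the destination-review step the finding says is missing; the manifest hashes also give the user something to compare against what later appears on the site.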
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low · Confidence: High · Status: Note
SKILL.md
I need a MiniMax API Key ... Please provide your API Key ... mmx auth login --api-key <USER_PROVIDED_API_KEY>

The skill needs a MiniMax API key and logs the CLI in with it; this is purpose-aligned, but it is sensitive account authority.

User impact: A MiniMax API key may allow API usage or charges under the user's account if mishandled.
Recommendation: Use a scoped, revocable key if available, avoid sharing unrelated credentials, verify where mmx stores authentication, and revoke the key if it is no longer needed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low · Confidence: High · Status: Note
SKILL.md
mmx text chat --model MiniMax-M2.7 --message PROMPT ... Incorporate the following material into the lyrics: {reference_summary}

The workflow sends prompts and summarized user reference material to the external MiniMax provider for generation.

User impact: Private themes, reference text, or image-derived descriptions may be sent to MiniMax as part of normal operation.
Recommendation: Do not provide confidential reference material unless you are comfortable sending it to MiniMax, and review the provider's data-use policy.