Skill v2.4.0

ClawScan security

SoundCloud Watcher · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 30, 2026, 7:05 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and instructions are consistent with a SoundCloud-monitoring plugin and its requested files/credentials are proportionate, though registry metadata omits the credentials and file paths the plugin actually requires.
Guidance
This plugin appears to do what it says: monitor your SoundCloud account using the SoundCloud API and store plugin state under ~/.openclaw. Before installing:
1) Confirm the repository and package authors (README/package.json point to a GitHub repo and npm package) and prefer installing from the official source (git or npm) rather than unknown mirrors.
2) Be aware you must provide your SoundCloud Client ID/Client Secret and username; these are stored under ~/.openclaw/secrets/soundcloud.env and the plugin may also persist an access token in the same file. Ensure that file has restrictive filesystem permissions (e.g., 600).
3) Verify the registry metadata mismatch (the top-level metadata in the listing omitted required env/config paths). That likely indicates an oversight in the registry entry, not malicious intent, but you should confirm the package source before trusting secrets to it.
4) If you need higher assurance, review the full plugin code in the referenced GitHub repo and verify it only calls api.soundcloud.com and does not include any other network endpoints.
5) To remove, follow the README uninstall steps and delete the secrets/data files.
If you want me to, I can (a) fetch and compare the referenced GitHub repo code against these files, or (b) search the rest of the truncated source for any networking endpoints beyond api.soundcloud.com.
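The three checks in steps 2 to 4 above (secrets-file permissions, an endpoint allowlist over the plugin source, and the registry-versus-manifest mismatch that the Purpose and Credentials dimensions below also flag) can be scripted before installing. The following is an added example written for this report; it is not code from ClawHub or from the SoundCloud Watcher plugin. The sample source snippet, the registry entry and the manifest JSON are constructed for the demo, and the field names `requiredEnv`, `configPaths`, `env.required`, `paths` and `privileges.always` are assumptions about those formats, not the real ClawHub or openclaw.plugin.json schema.

```python
"""Pre-install audit for a ClawHub plugin package (added example; not code
from ClawHub or the SoundCloud Watcher plugin).

Checks, in the order the guidance lists them:
  1. the secrets file is readable only by its owner (mode 0600 or stricter),
  2. the plugin source references no network host except api.soundcloud.com,
  3. the registry listing declares every env var and path the manifest requires.

Assumption: the JSON shapes of the registry entry and openclaw.plugin.json
below are constructed for this demo; the real formats may differ.
"""
import json
import re
import stat
from pathlib import Path

ALLOWED_HOSTS = {"api.soundcloud.com"}

# Constructed sample: two legitimate calls plus one host that must be flagged.
SAMPLE_SOURCE = '''
const BASE = "https://api.soundcloud.com";
const TOKEN_URL = "https://api.soundcloud.com/oauth2/token";
const ping = fetch("https://collector.example.net/v1/ingest");  // constructed
'''

# Constructed registry listing: omits env vars and paths, as the report describes.
REGISTRY_ENTRY = json.loads('''{
  "name": "soundcloud-watcher", "version": "2.4.0",
  "requiredEnv": [], "configPaths": []
}''')

# Constructed manifest: the requirements the report says SKILL.md and the manifest carry.
PLUGIN_MANIFEST = json.loads('''{
  "name": "soundcloud-watcher",
  "env": {"required": ["SOUNDCLOUD_CLIENT_ID", "SOUNDCLOUD_CLIENT_SECRET", "MY_USERNAME"]},
  "paths": ["~/.openclaw/secrets/soundcloud.env", "~/.openclaw/data"],
  "privileges": {"always": false}
}''')

# Host part of any literal http(s) URL.
URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+\.[A-Za-z]{2,})", re.IGNORECASE)


def extract_hosts(source: str) -> set[str]:
    """Hosts from literal URLs only. A host assembled at runtime from pieces
    is not caught, so an empty result is a lower bound, not a clean bill."""
    return {h.lower() for h in URL_RE.findall(source)}


def unexpected_hosts(source: str, allowed=ALLOWED_HOSTS) -> set[str]:
    """Hosts in the source that are not on the allowlist."""
    return extract_hosts(source) - set(allowed)


def audit_tree(root: Path, exts=(".ts", ".js", ".json", ".md")) -> dict[str, set[str]]:
    """Walk an unpacked package and map each offending file to its bad hosts."""
    findings = {}
    for path in root.rglob("*"):
        if path.is_file() and path.suffix in exts:
            bad = unexpected_hosts(path.read_text(errors="replace"))
            if bad:
                findings[str(path.relative_to(root))] = bad
    return findings


def mode_is_private(mode: int) -> bool:
    """True when group and other have no permission bits (0600 or stricter)."""
    return stat.S_IMODE(mode) & 0o077 == 0


def secrets_file_is_private(path: Path) -> bool:
    return mode_is_private(path.stat().st_mode)


def metadata_gaps(registry: dict, manifest: dict) -> dict[str, list[str]]:
    """Requirements the manifest states that the registry listing fails to declare."""
    declared_env = set(registry.get("requiredEnv", []))
    declared_paths = set(registry.get("configPaths", []))
    required_env = set(manifest.get("env", {}).get("required", []))
    required_paths = set(manifest.get("paths", []))
    return {
        "undeclared_env": sorted(required_env - declared_env),
        "undeclared_paths": sorted(required_paths - declared_paths),
    }


def requests_elevation(manifest: dict) -> bool:
    """True if the manifest asks for always-on platform privileges."""
    return bool(manifest.get("privileges", {}).get("always", False))


if __name__ == "__main__":
    print("unexpected hosts:", unexpected_hosts(SAMPLE_SOURCE))
    print("metadata gaps:", metadata_gaps(REGISTRY_ENTRY, PLUGIN_MANIFEST))
    print("elevation requested:", requests_elevation(PLUGIN_MANIFEST))
    secrets = Path("~/.openclaw/secrets/soundcloud.env").expanduser()
    if secrets.exists():
        print("secrets file private:", secrets_file_is_private(secrets))
```

Run `audit_tree(Path("path/to/unpacked/package"))` against a checkout of the referenced repo to cover step 4; any non-empty result names a host beyond api.soundcloud.com. The literal-URL regex is deliberately conservative: it will not see a host built from concatenated strings or read from config, so treat its output as a prompt for manual review rather than proof of absence.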

Review Dimensions

Purpose & Capability
note: The plugin claims to monitor a SoundCloud account and the code implements that: it reads a local secrets file, calls the SoundCloud API, and stores tracking data under ~/.openclaw. However, the registry metadata at the top of the report claimed 'no required env vars / config paths', while the included openclaw.plugin.json and SKILL.md require SOUNDCLOUD_CLIENT_ID, SOUNDCLOUD_CLIENT_SECRET, MY_USERNAME and specific ~/.openclaw paths. This metadata mismatch should be clarified.
Instruction Scope
ok: SKILL.md instructs the agent to install/enable the plugin, place SoundCloud credentials in ~/.openclaw/secrets/soundcloud.env, and run cron or command triggers. The runtime instructions and commands map to code handlers; there are no instructions to read unrelated system files or exfiltrate data outside the SoundCloud API. The plugin reads/writes only its own ~/.openclaw files (secrets, data, backoff state).
Install Mechanism
ok: This is an instruction-only plugin in the registry (no install spec). The package includes TypeScript source files and package.json, but there is no external download-from-URL or unexpected installer. No high-risk install behavior (no URL shorteners, no archives being downloaded at runtime) is present in the provided files.
Credentials
note: The environment/secret requirements (SoundCloud client ID/secret and username) are appropriate and expected for a SoundCloud integration. The plugin also persists an access token to the same secrets file and stores state in ~/.openclaw/data; this is typical. However, the registry-level metadata claims no required env vars or config paths while the plugin manifest and SKILL.md clearly require them. This discrepancy is unexpected and merits confirmation before installing.
Persistence & Privilege
ok: The plugin requests no elevated platform privileges (always: false) and does not attempt to modify other plugins' configs. It persists only its own state under ~/.openclaw and writes a saved access token to its secrets file, which is consistent with its function.