Skill v1.5.0

ClawScan security

Seerr Media Requests · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 3, 2026, 7:57 PM
Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary
The skill's runtime instructions match its stated purpose (searching and requesting via Seerr), but the SKILL.md requires a Seerr URL and API key that are not declared in the registry metadata — an incoherence you should resolve before trusting it.
Guidance
Before installing:
1) Note that SKILL.md requires SEERR_URL and SEERR_API_KEY (an API key). The registry metadata did not declare these — ask the publisher to update the manifest so the platform can surface the secret requirement.
2) Only provide SEERR_API_KEY if you trust the Seerr instance and the skill author; treat it as a secret and verify how the platform stores it.
3) Understand that the skill will auto-request items (POST /api/v1/request) which can trigger downloads via Radarr/Sonarr — if you don't want automatic requests, request a version that asks for explicit confirmation before POSTing.
4) Test on a local or non-production Seerr instance first.
5) If you use this in Discord, verify the channel IDs and that the agent's messaging permissions are limited.
6) If possible, create a Seerr API key with minimal permissions and ask the developer to declare required env vars in the registry so the platform can enforce least-privilege handling.

Review Dimensions

Purpose & Capability
note: The functionality described (search Seerr, request movies/TV, post status to Discord) is coherent and consistent with the skill name/description. However, the skill's published metadata lists no required environment variables while the SKILL.md explicitly requires SEERR_URL and SEERR_API_KEY — the manifest and runtime instructions are mismatched.
Instruction Scope
note: SKILL.md stays narrowly focused on the Seerr API and Discord messaging. It provides explicit curl examples and a clear workflow (search → filter → optionally auto-request → post messages). It does instruct the agent to auto-request unavailable items (POST /api/v1/request) and to send separate Discord messages; these behaviors are within the stated purpose but are actions with side effects (initiating download requests) and therefore worth user attention. SKILL.md references SEERR_URL and SEERR_API_KEY although those were not declared in the registry.
Install Mechanism
ok: This is an instruction-only skill with no install spec and no shipped code — minimal install/write-to-disk risk.
Credentials
concern: The SKILL.md requires two environment values: SEERR_URL (base URL) and SEERR_API_KEY (secret). Those are proportional to the stated functionality, but the registry metadata lists no required env vars or primary credential. The omission is an incoherence: the skill needs a sensitive API key but the manifest does not declare it. Users should treat the SEERR_API_KEY as a secret and confirm how/where it will be stored and who can read it.
Persistence & Privilege
ok: The skill is not configured 'always: true' and makes no claim to modify system-wide settings. Model invocation/autonomous operation is allowed (platform default), which means the agent could automatically call the Seerr API to request items — this is expected for the skill but is a behavior to be conscious of.