Skill v2.0.0

ClawScan security

Musiclaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 17, 2026, 1:11 AM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions ask for sensitive credentials (including a browser session cookie) and direct the user to store them on a remote backend, while also describing a different authentication flow (provider API keys). This is inconsistent and could lead to credential exposure; proceed only after clarifying why a cookie is needed and where secrets are stored.
Guidance
This skill is inconsistent about what credentials it needs and asks you to copy a browser session cookie (a very sensitive token) into its backend; that is the main red flag. Before installing or using it:
1) Ask the skill author to explain why a Suno session cookie is required instead of an official API key, and to document precisely where and how cookies/keys are stored and who can access them.
2) Do not copy your Suno session cookie out of DevTools until you understand and trust the remote storage location and its privacy and security controls.
3) Prefer giving a provider-specific API key (apiframe or sunoapi) rather than a browser session cookie; request that the skill be changed to accept API keys only.
4) If you must provide credentials, avoid installing the skill into a shared skills directory; install it per agent and verify that storage is per agent only.
5) If you have already provided credentials, consider rotating or revoking them (session cookies and API keys) and check account activity.
6) If you need higher assurance, request source code or a privacy/security policy for the MusiClaw backend (the Supabase URL) and do not proceed until you are satisfied.
Findings
[no_regex_scan_findings] unexpected: The static regex scanner reported nothing to analyze (instruction-only skill), but the SKILL.md and SETUP.md themselves contain sensitive operational details worth flagging (see below).
[embedded_supabase_apikey_in_docs] unexpected: SKILL.md contains a concrete 'apikey' value and a Supabase base URL used in examples. Publishing or using such a key in documentation is risky unless it's clearly a throwaway/public demo key; the file does not explain its purpose or scope.
[requests_browser_session_cookie] unexpected: SETUP.md instructs copying a Suno Pro/Premier cookie from browser DevTools and storing it via update-agent-settings. Asking for a session cookie is not proportional to the earlier stated API-key authentication and is high-risk.
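The three findings above come from reading SKILL.md and SETUP.md rather than from the regex scanner, which had nothing to run on. As an added example (not ClawScan's scanner and not code from the MusiClaw skill), the script below is the kind of pre-install pass a practitioner can run over an instruction-only skill: it applies the same finding ids to each paragraph of the markdown, and when it meets a Supabase-style apikey it decodes the JWT payload without verifying the signature to read the `role` claim, which is what separates a publishable anon key from a service_role secret that bypasses row-level security. The SKILL.md and SETUP.md texts in `SAMPLE_DOCS` are constructed stand-ins, and the embedded key is a locally forged, unsigned token, not a real credential.

```python
"""Static pre-install review of an instruction-only skill.

Added example; not ClawScan's scanner and not code from the MusiClaw skill.
SAMPLE_DOCS are CONSTRUCTED stand-ins for SKILL.md and SETUP.md, and the
embedded key is a locally forged, unsigned JWT, not a real credential.
"""
import base64
import json
import re
from dataclasses import dataclass


@dataclass
class Finding:
    rule: str    # finding id, mirroring the scanner's bracketed ids
    file: str    # which markdown file the paragraph came from
    detail: str  # short evidence string


# Rules run against one whitespace-flattened paragraph at a time, so that
# "DevTools" and "cookie" must occur in the same instruction, not anywhere in the file.
RULES = [
    ("requests_browser_session_cookie", re.compile(r"devtools.*cookie|cookie.*devtools", re.I)),
    ("remote_credential_storage", re.compile(r"update-agent-settings", re.I)),
    ("shared_skills_directory", re.compile(r"\.openclaw/skills", re.I)),
    ("embedded_supabase_apikey_in_docs", re.compile(r"https://[a-z0-9-]+\.supabase\.co", re.I)),
]

# Classic Supabase anon/service_role keys are JWTs: three base64url segments,
# the first two JSON objects, so both begin with "eyJ".
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")


def jwt_role(token: str):
    """Return the 'role' claim of a JWT payload without verifying the signature.

    Verification is beside the point: the question is what the author published,
    not whether the token is valid. Returns None for anything that is not a JWT.
    """
    try:
        payload = token.split(".")[1]
        payload += "=" * (-len(payload) % 4)  # restore stripped base64 padding
        claims = json.loads(base64.urlsafe_b64decode(payload))
        return claims.get("role")
    except (ValueError, IndexError, AttributeError):
        return None


def key_severity(role):
    """Map a Supabase role claim to how bad it is to find the key in a doc."""
    if role == "service_role":
        return "critical"  # bypasses row-level security; must never be published
    if role == "anon":
        return "info"      # meant to ship to clients, but confirm RLS is enabled
    return "unknown"       # not a Supabase-style key, or no role claim


def scan(docs: dict) -> list:
    """Run RULES and the JWT role check over every paragraph of every doc."""
    findings = []
    for name, text in docs.items():
        for para in re.split(r"\n\s*\n", text):
            flat = " ".join(para.split())
            for rule, pattern in RULES:
                if pattern.search(flat):
                    findings.append(Finding(rule, name, flat[:72]))
            for token in JWT_RE.findall(flat):
                role = jwt_role(token)
                findings.append(Finding("embedded_jwt_role", name,
                                        f"role={role} severity={key_severity(role)}"))
    return findings


def forge_jwt(claims: dict) -> str:
    """Build an unsigned sample token for the constructed docs (NOT a real key)."""
    def enc(obj):
        raw = json.dumps(obj, separators=(",", ":")).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'HS256', 'typ': 'JWT'})}.{enc(claims)}.notasignature"


# Constructed sample documents (hypothetical content, not the real skill files).
SAMPLE_DOCS = {
    "SKILL.md": f"""# Beat generator (constructed sample)

Authenticate with your apiframe or sunoapi API key.

Example request:
    curl -H "apikey: {forge_jwt({'iss': 'supabase', 'ref': 'demoproject', 'role': 'anon'})}" \\
         https://demoproject.supabase.co/rest/v1/beats
""",
    "SETUP.md": """# Setup (constructed sample)

Copy this folder into ~/.openclaw/skills so every agent can use it.

Open DevTools on suno.com, copy the session cookie, and save it with
update-agent-settings.
""",
}

if __name__ == "__main__":
    for f in scan(SAMPLE_DOCS):
        print(f"[{f.rule}] {f.file}: {f.detail}")
```

Paragraph-level matching keeps the cookie rule from firing merely because a file mentions cookies in one place and DevTools in another; the role check is the quick way to answer the "purpose or scope" question raised in the second finding, since an anon key in docs is expected for a marketplace backend while a service_role key is an incident.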

Review Dimensions

Purpose & Capability
concern · The skill claims to use third-party Suno API providers (apiframe.ai or sunoapi.org) and to require those providers' API keys, which fits the 'generate beats' purpose, but SETUP.md also instructs users to extract and store a Suno 'session' cookie from their browser. That cookie is a different, more privileged credential than a provider API key and is neither justified nor declared in the registry metadata. SKILL.md also embeds a Supabase-style apikey and base URL for MusiClaw's backend; a marketplace backend may legitimately need one, but a hard-coded key in the instructions is unexpected and its purpose and scope are not explained.
Instruction Scope
concern · Runtime instructions explicitly tell the user to copy a browser session cookie (via DevTools) and to store it using the skill's update-agent-settings endpoint, which directs collection and transmission of a sensitive session token to the MusiClaw backend. SKILL.md and SETUP.md conflict on whether an API key or a cookie is required. The instructions also recommend copying the skill into a shared skills directory, which could make stored credentials available to multiple agents or users on the same machine.
Install Mechanism
note · This is an instruction-only skill (no install spec, no code files), so no arbitrary code is downloaded. SETUP.md asks users to copy the skill into their agent workspace or ~/.openclaw/skills, a simple file copy and an expected install pattern, but one that enables shared installation, which has privacy implications for stored credentials.
Credentials
concern · Although the registry declares no required env vars, the runtime flow asks for multiple credentials: a Suno provider API key (apiframe or sunoapi), an optional MVSEP API key, a PayPal email, an owner email and, importantly, a Suno Pro/Premier session cookie. Requesting a browser session cookie is disproportionate to the stated purpose (API keys should suffice) and significantly increases the risk of account compromise or token exfiltration.
Persistence & Privilege
concern · The skill instructs storing the Suno cookie via update-agent-settings, a remote backend operation. That creates persistent remote storage of a sensitive token outside the user's control, potentially accessible to other agents if the skill is installed in a shared location. The skill does not request 'always: true', but it does ask users to persist high-privilege credentials on a third-party backend without clear guarantees.