← Back to Skills Marketplace
clawdianova

Sonos Announce

by clawdia & crusta · GitHub ↗ · v1.0.4
cross-platform ⚠ suspicious
588
Downloads
0
Stars
3
Active Installs
5
Versions
Install in OpenClaw
/install sonos-announce
Description
Play audio on Sonos with intelligent state restoration - pauses streaming, skips Line-In/TV/Bluetooth, resumes everything.
Usage Guidance
This skill appears to do what it says, but review and accept the practical effects before installing: it will start a local HTTP server that serves media files on your LAN (default directory ~/.local/share/openclaw/media/outbound), create a PID file next to the module, and run shell commands (lsof, pkill, nohup, netstat/taskkill) to manage the server. Ensure you trust the environment because SONOS_HTTP_PORT/SONOS_HTTP_HOST environment variables control binding and are interpolated into shell commands; avoid running it as root and avoid untrusted environment variable values. If you want extra safety, inspect the included sonos_core.py in full, run it in a restricted environment (VM/container), and confirm you are comfortable exposing the chosen media directory on your LAN.
Capability Analysis
Type: OpenClaw Skill Name: sonos-announce Version: 1.0.4 The `sonos_core.py` module contains a critical shell injection vulnerability. The `start_http_server` function uses `os.system` to execute shell commands for starting an HTTP server, and it directly interpolates the `media_dir` parameter (which can be user-controlled via the `announce()` function) into these commands without proper sanitization. This allows for arbitrary command execution on the host system if a malicious `media_dir` value is provided, as demonstrated by the `SKILL.md` showing `media_dir` as a user-configurable parameter. This is a severe vulnerability, but there is no evidence of intentional malicious behavior by the skill developer.
Capability Assessment
Purpose & Capability
Name/description match the implementation: the module discovers Sonos devices (soco), pauses/resumes playback, serves audio via an HTTP server and uses ffprobe to measure duration. Required binaries (python3, ffprobe) and the pip dependency (soco) are appropriate for this functionality.
Instruction Scope
The runtime instructions and code stay within the stated purpose, but the module performs system-level actions: starts/stops a local HTTP server, writes a PID file in the module directory, and runs shell commands (lsof, pkill, nohup, netstat/taskkill). It also exposes files via an HTTP server on the LAN (default ~/.local/share/openclaw/media/outbound). These behaviors are expected for streaming to Sonos but are worth noting because they affect local network exposure and process state.
Install Mechanism
There is no remote install/download; the skill is instruction-only and includes its Python module. The only installation step is installing the 'soco' Python package and ensuring ffprobe is available. No external URLs or archive extracts are used.
Credentials
The skill requests no sensitive credentials and only documents two optional environment variables (SONOS_HTTP_HOST, SONOS_HTTP_PORT) used to control the HTTP server host/port. That is proportionate to running a local HTTP server for media. (Note: the port/host values are used in shell commands — if an environment variable were maliciously set in a shared environment it could affect those commands.)
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide agent config. Its only persistence is a PID file it writes in the module directory and background HTTP server processes it starts/stops — reasonable for the stated purpose.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install sonos-announce
  3. After installation, invoke the skill by name or use /sonos-announce
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.4
- Metadata updated to include version 1.0.2 in SKILL.md. - Minor documentation updates; no user-facing code changes described. - No significant feature or API changes noted in documentation.
v1.0.3
No changes detected in this version.
v1.0.2
- Initial release of the core module in version 1.0.2. - Added main implementation file: sonos_core.py, providing the announce() function for Sonos audio playback with state restoration. - Now supports intelligent pause, resume, and handling of external inputs (Line-In, TV, Bluetooth). - Documentation updated with installation, usage, environment variables, platform support, and troubleshooting guidance.
v1.0.1
- Removed the main implementation file sonos_core.py. - Trimmed metadata by removing the version field from documentation. - No functional Python code remains; only documentation (SKILL.md) is included. - The skill now contains documentation only and is non-functional until code is restored.
v1.0.0
- Initial release of sonos-announce (v1.0.0). - Play audio files on Sonos speakers with automatic and intelligent playback state restoration. - Supports pausing/resuming music, skipping external inputs (Line-In/TV/Bluetooth), and restoring the original state after announcements. - Cross-platform support (macOS, Linux, Windows). - Requires python3, soco, and ffprobe for operation. - Comprehensive usage examples, environment variable configuration, and troubleshooting included.
Metadata
Slug sonos-announce
Version 1.0.4
License
All-time Installs 3
Active Installs 3
Total Versions 5
Frequently Asked Questions

What is Sonos Announce?

Play audio on Sonos with intelligent state restoration - pauses streaming, skips Line-In/TV/Bluetooth, resumes everything. It is an AI Agent Skill for Claude Code / OpenClaw, with 588 downloads so far.

How do I install Sonos Announce?

Run "/install sonos-announce" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Sonos Announce free?

Yes, Sonos Announce is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Sonos Announce support?

Sonos Announce is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Sonos Announce?

It is built and maintained by clawdia & crusta (@clawdianova); the current version is v1.0.4.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments