grtninja/sonoscli
skill-candidates/sonoscli/SKILL.md
Control Sonos speakers (discover/status/play/volume/group).
$ install --global
skillsauthnpx skillsauth add grtninja/skill-arbiter sonoscliInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 5, 2026, 2:43 PM13.6s2 files scanned
SKILL.md
- name:
- sonoscli
- description:
- Control Sonos speakers (discover/status/play/volume/group).
Sonos CLI
Use sonos to control Sonos speakers on the local network.
Quick start
sonos discoversonos status --name "Kitchen"sonos play|pause|stop --name "Kitchen"sonos volume set 15 --name "Kitchen"
Common tasks
- Grouping:
sonos group status|join|unjoin|party|solo - Favorites:
sonos favorites list|open - Queue:
sonos queue list|play|clear - Spotify search (via SMAPI):
sonos smapi search --service "Spotify" --category tracks "query"
Notes
- If SSDP fails, specify
--ip <speaker-ip>. - Spotify Web API search is optional and requires
SPOTIFY_CLIENT_ID/SECRET. - If there is an error, check the troubleshooting section and offer advice if there is a decent match.
Troubleshooting
sonos discover - no route to host
- On error
Error: write udp4 0.0.0.0:64326->239.255.255.250:1900: sendto: no route to host (Command exited with code 1)- Note that the port number after
0.0.0.0:is ephemeral and will change and the netmask may not match exactly either - The
sendto: no route to hostshould stay consistent
- Note that the port number after
- Advise the user that in
direct(no Docker sandbox) mode on Mac OS that Settings -> Privacy & Security -> Local Network will need to be enabled for the top-level host parent process of the Gatewaynodeif running vialaunchdTerminalif running the gateway directly in the terminalVisual Studio Codeif running via terminal in VS Code
- An alternative option is to use
sandbox(docker container) with network access allowed for that sandbox
sonos discover - bind: operation not permitted
- On error
Error: listen udp4 0.0.0.0:0: bind: operation not permitted - Advise the user that they may be running via a Codex or other sandbox that does not permit network access (this can be replicated by running
sonos discoverwithin a Codex CLI session with sandbox enabled and not approving the escalation request)
Guardrails
- Use local or trusted tools only; avoid untrusted install pipelines.
- Do not paste secrets/tokens into chat output.
- Keep outputs in deterministic local paths for reproducible review.
Related Skills
grtninja/white-hat
tools
VerifiedTrustedCommunity
Run a defender-first security sweep on code, configs, prompts, model/tooling surfaces, or third-party contribution lanes. Use when a request involves safe bug, leak, zero-day-class, exploit, or hack hunting for protection, when contributing to outside repositories and you want a focused security pass, or when touching auth, secrets, permissions, network exposure, prompt/tool boundaries, data flow, or update/build surfaces. This skill is defensive only and must never be used for weaponization or unauthorized access.
2SKILL.mdUpdated Apr 22, 2026
grtninja/vrm-sandbox-startup-acceptance
development
VerifiedTrustedCommunity
Validate and repair VRM Sandbox startup acceptance with shim-first local model authority, frontend/backend bring-up, and avatar-runtime launch proof. Use when launch behavior, chat handoff, voice fallback, or runtime bridge acceptance must be verified end to end.
2SKILL.mdUpdated Apr 22, 2026
grtninja/voice-catalog-runtime-alignment
documentation
VerifiedTrustedCommunity
Align documented voice-command catalogs, endpoint action allowances, and live runtime handlers so operator-visible voice surfaces match what the stack can actually execute. Use when voice command docs, parser matrices, endpoint permissions, or runtime action routing drift apart.
2SKILL.mdUpdated Apr 22, 2026
grtninja/skillhub-trend-radar
development
VerifiedTrustedCommunity
Track SkillHub trend and topic drift, maintain a bounded rewrite watchlist, and surface emerging gaps worth turning into repo-owned skills. Use when the marketplace query set shows new families or when the current shortlist has gone stale.
2SKILL.mdUpdated Apr 22, 2026