Spotify Controller

Verdict: Pass. Audited by ClawScan on May 1, 2026.

Overview

The skill matches its stated purpose of controlling Spotify: it requires the expected Spotify credentials and one ordinary Python dependency, and the reviewed artifacts show no evidence of hidden data collection or actions unrelated to playback control.

Install this only if you are comfortable giving the agent a Spotify refresh token that can read and control playback. Keep the credentials out of shared files or logs, revoke them if no longer needed, and consider installing Python dependencies in an isolated or pinned environment.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked, the agent can change what is playing on the user's Spotify account and which Spotify device is active.

Why it was flagged

The script exposes commands that change Spotify playback, volume, and active device. These mutations are disclosed and central to the controller purpose.

Skill content
elif cmd == "play": ... "/me/player/play" ... elif cmd == "volume": cmd_volume() ... elif cmd == "setdevice": cmd_setdevice(...)
Recommendation

Install only if you want the agent to control Spotify playback, and use it for explicit music-control requests.

What this means

Anyone or any agent process with these environment variables can control Spotify playback within the granted scopes.

Why it was flagged

The skill requires Spotify OAuth credentials and scopes that allow reading playback state and modifying playback. This is expected for the stated purpose but is sensitive account authority.

Skill content
Environment variables: SPOTIFY_CLIENT_ID, SPOTIFY_CLIENT_SECRET, SPOTIFY_REFRESH_TOKEN ... scope=user-modify-playback-state user-read-playback-state user-read-currently-playing
Recommendation

Keep the .env file private, grant only the listed scopes, and revoke or rotate the Spotify app credentials if they are exposed or no longer needed.
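The following is an added example, not code from the skill or from ClawScan, showing how the recommendation above can be checked mechanically: it reads a .env file holding the three variables the skill names, refuses one that is readable by other local users, confirms the OAuth scopes being requested are exactly the three the skill lists, and redacts the refresh token before it reaches a log line. The .env contents, the file layout and the extra "playlist-modify-private" scope in the weak case are constructed for illustration.

```python
import os
import stat
import tempfile

# Scopes the skill's setup requests (from the SKILL.md excerpt above).
REQUIRED_SCOPES = {
    "user-modify-playback-state",
    "user-read-playback-state",
    "user-read-currently-playing",
}
REQUIRED_VARS = ("SPOTIFY_CLIENT_ID", "SPOTIFY_CLIENT_SECRET", "SPOTIFY_REFRESH_TOKEN")


def parse_dotenv(text):
    """Minimal KEY=VALUE parser: skips comments/blank lines, strips quotes and 'export'."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("export "):
            line = line[len("export "):]
        key, sep, value = line.partition("=")
        if not sep:
            continue
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        env[key.strip()] = value
    return env


def redact(secret, keep=4):
    """Mask all but the last few characters so a token never lands verbatim in a log."""
    if len(secret) <= keep:
        return "*" * len(secret)
    return "*" * (len(secret) - keep) + secret[-keep:]


def check_dotenv(path, requested_scopes):
    """Return a list of problems for a .env file holding the skill's Spotify credentials."""
    problems = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append(f"{path} is group/world accessible (mode {mode:o}); chmod 600 it")
    with open(path) as f:
        env = parse_dotenv(f.read())
    for var in REQUIRED_VARS:
        if not env.get(var):
            problems.append(f"missing {var}")
    extra = set(requested_scopes) - REQUIRED_SCOPES
    if extra:
        problems.append("scopes beyond what the skill needs: " + ", ".join(sorted(extra)))
    missing = REQUIRED_SCOPES - set(requested_scopes)
    if missing:
        problems.append("skill scopes not requested: " + ", ".join(sorted(missing)))
    return problems


def demo():
    """Constructed sample: a world-readable .env with an extra scope, then the hardened form."""
    sample = (
        "# constructed sample values, not real credentials\n"
        "SPOTIFY_CLIENT_ID=abc123\n"
        "SPOTIFY_CLIENT_SECRET='shh-secret'\n"
        "SPOTIFY_REFRESH_TOKEN=\"AQC-example-refresh-token\"\n"
    )
    results = {}
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, ".env")
        with open(path, "w") as f:
            f.write(sample)
        os.chmod(path, 0o644)  # weak: other local users (and other agent processes) can read it
        results["weak"] = check_dotenv(path, REQUIRED_SCOPES | {"playlist-modify-private"})
        os.chmod(path, 0o600)  # hardened: owner-only, and only the listed scopes
        results["hardened"] = check_dotenv(path, REQUIRED_SCOPES)
    token = parse_dotenv(sample)["SPOTIFY_REFRESH_TOKEN"]
    results["log_line"] = "refresh token loaded: " + redact(token)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Run it as a script to see the weak case reported (file mode plus the surplus scope) and the hardened case pass; the same `check_dotenv` call can sit at the top of the controller script so it refuses to start with loose credentials.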

What this means

Installing packages system-wide can change the runtime environment used by other tools or skills.

Why it was flagged

The setup asks the user to install an unpinned Python dependency into the system environment. The dependency is purpose-aligned, but it affects the local Python supply chain.

Skill content
Install dependency: uv pip install requests --system ... (Alternative: pip install requests)
Recommendation

Prefer a pinned dependency version or an isolated virtual environment/container layer when practical.
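As an added example (not part of the skill or of ClawScan's scanner), here is a small static check in the spirit of the install-spec signal behind this finding: it parses pip/uv install lines, flags `--system`, flags commands with no explicit target environment, and flags requirements that are not pinned to an exact version. The first two input lines are the ones quoted above; the third is a constructed hardened form, and `requests==2.32.3` is only an illustrative pin.

```python
import re
import shlex

# Constructed input: the two install lines from the finding plus a hardened alternative.
INSTALL_LINES = [
    "uv pip install requests --system",
    "pip install requests",
    "uv pip install --python .venv/bin/python 'requests==2.32.3'",
]

# name==version, optionally with extras such as requests[socks]==2.32.3
PINNED = re.compile(r"^[A-Za-z0-9_.\-\[\]]+==[0-9][^\s]*$")

# Options whose next token is a value, not a requirement.
OPTIONS_WITH_VALUE = {"--python", "-p", "-r", "--requirement", "-i", "--index-url"}


def lint_install_line(line):
    """Return supply-chain concerns for one 'pip install' / 'uv pip install' command."""
    argv = shlex.split(line)
    if "install" not in argv:
        return []
    args = argv[argv.index("install") + 1:]
    concerns = []

    # Separate requirement specs from options.
    specs, i = [], 0
    while i < len(args):
        a = args[i]
        if a in OPTIONS_WITH_VALUE:
            i += 2
            continue
        if a.startswith("-"):
            i += 1
            continue
        specs.append(a)
        i += 1

    if "--system" in args:
        concerns.append("targets the system interpreter (--system); use a venv or --python <venv>")
    elif "--python" not in args and "-p" not in args:
        concerns.append("no explicit target environment; installs wherever this pip/uv points")
    for s in specs:
        if not PINNED.match(s):
            concerns.append(f"unpinned requirement {s!r}; pin as name==version")
    return concerns


def lint_all(lines):
    """Map each install line to its list of concerns (empty list means clean)."""
    return {line: lint_install_line(line) for line in lines}


if __name__ == "__main__":
    for line, concerns in lint_all(INSTALL_LINES).items():
        print(line, "->", concerns or "ok")
```

Only the third line comes back clean; for the skill's own install spec the same check reports both the system-wide target and the unpinned `requests`.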