Back to skill
Skillv1.0.1
VirusTotal security
Spotify Controller · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:39 AM
- Hash
- f34ba3103d433e11efe170cfff1b691090327e8fc6998834212f713606e4629b
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: spotify-controller Version: 1.0.1 The OpenClaw Spotify Controller skill is benign. Both the `SKILL.md` documentation and the `scripts/spotify.py` code are transparent and align with the stated purpose of controlling Spotify playback via its official Web API. The Python script securely handles Spotify API credentials from environment variables, uses the `requests` library for HTTP communication exclusively with `accounts.spotify.com` and `api.spotify.com`, and properly sanitizes user input for search queries using `urllib.parse.quote`. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, obfuscation, or prompt injection attempts against the AI agent. The setup instructions are standard for OAuth 2.0 and Python dependency management.
- External report
- View on VirusTotal