Apple Music

Pass

Audited by VirusTotal on May 13, 2026.

Overview

Type: OpenClaw Skill
Name: mcp-applemusic
Version: 1.0.6

The skill bundle is suspicious due to two main factors: it instructs the agent to execute arbitrary AppleScript commands via `osascript` on macOS, which is a powerful local execution primitive, and it directs the agent to clone and install an external GitHub repository (`https://github.com/epheterson/mcp-applemusic.git`) using `git clone` and `pip install`. While the provided AppleScript examples are confined to the 'Music' application and the external repository is not analyzed here, the instruction to fetch and execute code from an external source introduces a significant supply chain risk, and the `osascript` capability, though currently benign, offers broad local execution potential.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may control Apple Music playback or query the current track through local AppleScript commands.

Why it was flagged

The macOS integration uses shell-invoked AppleScript to control the local Music app. This is disclosed and central to the skill's purpose, but users should notice that local automation commands may be run.

Skill content

Run via Bash:
osascript -e 'tell application "Music" to playpause'

Recommendation

Use this path only when you intend local Music app automation, and review generated AppleScript before allowing commands that change library data.

What this means

If allowed, the agent could make lasting changes to playlists or track metadata in the user's Music library.

Why it was flagged

The documented operation set includes destructive or persistent mutations such as deleting/renaming playlists, removing tracks, and editing track metadata. These actions are purpose-aligned for Apple Music management but should be user-directed.

Skill content

Playlists | list, create, delete, rename, add tracks, remove tracks, get tracks ... Track Properties (Writable) ... set name of t to "New Name"

Recommendation

Require clear user intent and confirmation before destructive, bulk, or hard-to-reverse library and playlist changes.

What this means

Supplying MusicKit tokens can allow Apple Music library access through the API if used in that workflow.

Why it was flagged

The optional MusicKit API path requires Apple developer/account tokens for library access. This is expected for the integration, but it is still account-level authority that users should protect.

Skill content

MusicKit API ... Setup required | Dev account + tokens ... Library access | Instant | With tokens

Recommendation

Use the least-privileged tokens available, avoid sharing or logging them, and confirm what library actions will be performed before authorizing API use.