Back to skill

Security audit

Apple Music

Security checks across malware telemetry and agentic risk

Overview

This Apple Music skill is a coherent guide, but it needs review because it teaches persistent library changes, playlist deletion, token use, and an unpinned external install without enough safety controls.

Install only if you are comfortable allowing an agent to control Apple Music and modify your library. Require explicit confirmation before delete or write actions, treat MusicKit tokens and .p8 keys as secrets, and review or pin the referenced MCP server before installing it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly documents deleting a user playlist but provides no warning that the action is destructive or should require explicit confirmation. In an agent setting, this increases the risk of accidental or ambiguous-user-intent deletion of music collections that may be difficult or impossible to reconstruct.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill advertises access to listening history and recommendations without noting that these are privacy-sensitive personal data sources. An agent using this skill could retrieve or expose behavioral data about the user's music habits without informed consent or appropriate minimization.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The API workflow includes adding songs to the user's library and then adding them to playlists, but it does not warn that these operations modify the user's account state. In an agent context, undocumented state-changing behavior can lead to unintended library pollution or playlist changes from loosely phrased requests.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.