Bumblebee
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Bumblebee appears to be a legitimate Spotify music-control skill, but it asks for broad Spotify OAuth permissions and stores a long-lived refresh token.
Only install this if you are comfortable giving the agent delegated access to your Spotify account. Prefer trimming the OAuth scopes to playback control and read-only listening data (user-modify-playback-state, user-read-playback-state, user-read-currently-playing, user-read-recently-played, user-top-read; search needs no dedicated scope) unless you specifically need playlist or library modification. Keep tokens.json and .env private, and remove the app's authorization in your Spotify account settings if you uninstall the skill.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the token is misused, or a later version of the code starts using the extra permissions, it could modify the user's Spotify library and public or private playlists, not just control playback.
The setup asks the user to authorize broad Spotify account permissions, including modification of the user's library and of public and private playlists. Those permissions are higher-impact than the visible playback and queue-control workflows and go well beyond what those workflows need.
SCOPES="playlist-read-private playlist-read-collaborative streaming user-modify-playback-state user-library-read user-library-modify playlist-modify-private playlist-modify-public user-read-playback-state user-read-currently-playing user-read-recently-played user-top-read"
Use the smallest Spotify OAuth scope set needed for the features you actually want, and avoid playlist/library modification scopes unless you specifically need them.
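As an added example (not code from the skill or from this report), the following shell functions take the SCOPES line quoted above and separate the scopes that modify stored account data (library and playlists) from the ones that only read listening data or control playback, so the write scopes can be dropped before authorizing. The scope list is the one quoted from the skill; the function and variable names are this example's own.

```shell
# Added example: audit a Spotify OAuth scope list before granting it.
# Splits the scopes into "read/playback" and "modify library or playlists"
# so the latter can be removed from the authorization request.

# Scope set quoted from the skill's setup, used here as the input.
BUMBLEBEE_SCOPES="playlist-read-private playlist-read-collaborative streaming user-modify-playback-state user-library-read user-library-modify playlist-modify-private playlist-modify-public user-read-playback-state user-read-currently-playing user-read-recently-played user-top-read"

# Scopes that let the holder change persistent account data.
# user-modify-playback-state is deliberately not listed: it only changes
# transient playback state, and play/pause/skip/volume/queue need it.
is_write_scope() {
  case "$1" in
    user-library-modify|playlist-modify-private|playlist-modify-public) return 0 ;;
    *) return 1 ;;
  esac
}

# Prints the scope list with write scopes removed, preserving order.
minimal_scopes() {
  out=""
  for s in $1; do
    is_write_scope "$s" || out="$out${out:+ }$s"
  done
  printf '%s\n' "$out"
}

# Prints the write scopes that the list would grant, one per line.
write_scopes() {
  for s in $1; do
    is_write_scope "$s" && printf '%s\n' "$s"
  done
  return 0
}

# Usage:
#   SCOPES=$(minimal_scopes "$BUMBLEBEE_SCOPES")   # value to put in .env
#   write_scopes "$BUMBLEBEE_SCOPES"               # what you are declining
```

The tighter set recommended in the overview also drops the playlist-read and user-library-read scopes; extend is_write_scope, or replace it with an allowlist, if you want that stricter filter.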
The agent may interrupt current playback, queue songs, skip tracks, or change volume on an active Spotify device.
The script exposes commands that can mutate Spotify playback state, queue tracks, and change volume. This is purpose-aligned for a DJ/music-control skill, but it is still real account/device control.
node r2-dj.js play <query|uri> ... pause ... skip ... volume <0-100> ... queue <uri1> <uri2> ...
Install only if you are comfortable letting the agent control Spotify playback, and consider requiring explicit user confirmation for volume or queue-changing actions.
Anyone, or any other skill, with read access to the token file can use the delegated Spotify permissions.
The skill clearly depends on local Spotify OAuth tokens. This is expected for Spotify playback integration, but the token grants delegated access to the user's Spotify account.
Requires: Spotify Premium with active device, OAuth tokens in projects/spotify/.
Store the tokens in a location readable only by your own account, do not share or back up the projects/spotify directory to untrusted places, and remove the app's authorization in your Spotify account settings if you stop using the skill.
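One concrete check for the recommendation above, added here as an example and not part of the skill: verify that tokens.json and .env in the projects/spotify directory are readable only by their owner. The function names are this example's own; the file names are the ones this report tells you to keep private.

```shell
# Added example: fail if the skill's OAuth token files are readable by
# anyone other than their owner. A group- or world-readable tokens.json
# hands the delegated Spotify credentials to every other account and
# process on the machine.

# Returns 0 if the file exists and has no group/other permission bits set.
# Uses ls(1) rather than stat(1) so it behaves the same on GNU and BSD.
token_file_is_private() {
  f=$1
  [ -f "$f" ] || return 1
  mode=$(ls -ld "$f" | cut -c5-10)   # group and other permission columns
  [ "$mode" = "------" ]
}

# Checks the two credential files the report names; prints one line per
# file and returns 1 if any of them is too open.
audit_token_dir() {
  dir=$1
  rc=0
  for f in "$dir/tokens.json" "$dir/.env"; do
    [ -e "$f" ] || continue
    if token_file_is_private "$f"; then
      printf 'ok      %s\n' "$f"
    else
      printf 'EXPOSED %s (%s)\n' "$f" "$(ls -ld "$f" | cut -c1-10)"
      rc=1
    fi
  done
  return $rc
}

# Usage:
#   audit_token_dir projects/spotify || chmod 600 projects/spotify/tokens.json projects/spotify/.env
```

Tightening the directory itself (chmod 700) closes the remaining gap, since a listable directory still reveals that the tokens exist even when the files are private.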
A future change in the repository could differ from the reviewed artifact if the user installs directly from the latest branch.
The README suggests cloning from a GitHub repository without pinning a commit or release, so whatever is on the default branch at clone time is what gets installed. This is a common manual install pattern and is not executed automatically, but users should verify the source and confirm that what they cloned is what was reviewed.
git clone https://github.com/swats-ai/bumblebee.git ~/.openclaw/workspace/skills/bumblebee
Install from a trusted, reviewed release or pin a specific commit when cloning.
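As an added example (not the skill's README), the following shell functions clone at a specific reviewed commit and refuse to proceed if the checked-out HEAD does not match the pin. The repository URL is the one from the README; PIN is a placeholder for the full commit SHA you reviewed, and the function names are this example's own.

```shell
# Added example: clone at a reviewed commit and verify the checkout.
# Replace PIN with the 40-hex commit SHA (or a tag) you actually reviewed.

# Clones REPO into DEST and checks out exactly PIN as a detached HEAD.
# Returns 1 if DEST already exists or any git step fails.
clone_pinned() {
  repo=$1 dest=$2 pin=$3
  [ ! -e "$dest" ] || { echo "refusing to overwrite $dest" >&2; return 1; }
  git clone --quiet "$repo" "$dest" || return 1
  git -C "$dest" checkout --quiet --detach "$pin" || return 1
}

# Returns 0 only if HEAD in DEST resolves to the pinned commit.
# Resolving PIN through rev-parse lets it be a tag as well as a SHA, but a
# tag can be moved by the upstream, so prefer pinning the SHA itself.
verify_pin() {
  dest=$1 pin=$2
  head=$(git -C "$dest" rev-parse HEAD) || return 1
  want=$(git -C "$dest" rev-parse "$pin^{commit}") || return 1
  [ "$head" = "$want" ]
}

# Usage:
#   PIN=<reviewed commit sha>
#   clone_pinned https://github.com/swats-ai/bumblebee.git \
#       ~/.openclaw/workspace/skills/bumblebee "$PIN" \
#   && verify_pin ~/.openclaw/workspace/skills/bumblebee "$PIN" \
#   || echo "checkout does not match the reviewed commit; do not install" >&2
```

Run verify_pin again before any later update: if HEAD has moved off the pin, the code on disk is no longer the artifact that was reviewed.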
