Back to skill
Skillv1.2.0
VirusTotal security
Spotify Player · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:22 AM
- Hash
- 535a4c2bb0b581c681c5f5aebfe3c5139e3ade0700396d95bb7aaa9e9927cc3a
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: spotify-linux Version: 1.2.0 The skill is a legitimate utility for controlling Spotify on headless Linux servers using the open-source 'spogo' CLI tool. It facilitates authentication via session cookies (sp_dc, sp_t) which are stored locally, and the documentation explicitly instructs the agent to treat these as secrets and avoid logging or sharing them. The installation steps use standard Go commands and official download links (go.dev, github.com/steipete/spogo), with no evidence of malicious intent, data exfiltration, or unauthorized access.
- External report
- View on VirusTotal