Spotify

Security checks across malware telemetry and agentic risk

Overview

The Spotify playback skill is mostly coherent, but its install steps ask users to put an unprovided executable into a system command path with sudo.

Install only if you can inspect and trust the actual spotify script before copying it into /usr/local/bin. Prefer a virtual environment or pipx instead of --break-system-packages, use a user-local bin directory where possible, and restrict the Spotify config file permissions, such as chmod 600.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill instructs users to place Spotify API client credentials in a plaintext file under ~/.config/spotify-cli/config without warning about filesystem permissions or secret handling. While this is common for local CLI tools, it increases the risk of credential exposure to other local users, backups, logs, or accidental sharing, especially on shared systems or when home directories are broadly readable.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal