
Security audit

Sonos Music Search

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a normal Sonos control helper, with minor privacy and expectation-setting gaps around local speaker discovery and IP address display.

Install this only if you are comfortable letting the agent discover Sonos speakers on your local network and control their playback. Confirm the target speaker before issuing playback commands, and redact local device IP addresses before sharing any logs or transcripts produced by the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Severity: Low
Confidence: 88%
Finding
The `listSpeakers()` command returns and prints each Sonos device's host IP address, but the skill description only mentions speaker discovery and does not disclose that network-identifying information will be exposed. This is not code execution or a direct compromise, but the addresses end up in agent transcripts and logs, where they reveal internal network topology and device metadata; if those logs are shared, that is useful reconnaissance for anyone targeting the network.

Missing User Warnings

Severity: Low
Confidence: 80%
Finding
The skill documentation explains music search and playback but does not clearly state up front that it will discover and control Sonos devices over the local network. Users may therefore misjudge the scope of device interaction, which raises the chance of unexpected playback or unintended control of household speakers once the skill is installed and used.
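The two recommendations above (redact local IPs before sharing logs; confirm the target speaker before sending a command) are the kind of guard rails a user or a wrapper script can add around a skill like this. The following is an added example written for this audit page, not the skill's own code. It assumes discovered devices are plain objects with `name` and `host` fields (the shape is an assumption; the sample device list and log lines are constructed for the example).

```javascript
// Added example (not the skill's code): mitigations for the two findings above.
// 1) redactPrivateIps(): mask RFC 1918 addresses in text before it is shared.
// 2) resolveSpeaker(): map a user-supplied name to exactly one device, refusing
//    to guess when the name is unknown or ambiguous.

// Constructed sample of what speaker discovery might return (field names assumed).
const SAMPLE_DEVICES = [
  { name: 'Kitchen', host: '192.168.1.42', model: 'Sonos One' },
  { name: 'Living Room', host: '10.0.0.7', model: 'Playbar' },
];

// Constructed sample of log text containing both private and public addresses.
const SAMPLE_LOG = [
  'Kitchen (Sonos One) host=192.168.1.42',
  'Living Room (Playbar) host=10.0.0.7',
  'Update check: 203.0.113.9 reachable',
].join('\n');

const IPV4_RE = /\b(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\b/g;

// RFC 1918 private ranges: 10/8, 172.16/12, 192.168/16.
function isPrivateIpv4(a, b) {
  if (a === 10) return true;
  if (a === 172 && b >= 16 && b <= 31) return true;
  if (a === 192 && b === 168) return true;
  return false;
}

// Replace private IPv4 addresses with a placeholder; leave public ones and
// malformed dotted quads (an octet above 255) untouched.
function redactPrivateIps(text) {
  return text.replace(IPV4_RE, (match, a, b, c, d) => {
    const octets = [a, b, c, d].map(Number);
    if (octets.some((o) => o > 255)) return match;
    return isPrivateIpv4(octets[0], octets[1]) ? '[private-ip]' : match;
  });
}

// User-facing listing: names only by default. The host is still needed to
// send commands, but it does not have to be displayed to list speakers.
function formatSpeakers(devices, { showHost = false } = {}) {
  return devices.map((d) => (showHost ? `${d.name} (${d.host})` : d.name));
}

// Resolve a requested speaker name to exactly one device. Throws on no match
// or on an ambiguous match so a playback command never lands on the wrong
// speaker; the caller should surface the error and ask the user to confirm.
function resolveSpeaker(devices, requestedName) {
  const wanted = requestedName.trim().toLowerCase();
  const matches = devices.filter((d) => d.name.toLowerCase() === wanted);
  if (matches.length === 1) return matches[0];
  const known = devices.map((d) => d.name).join(', ');
  if (matches.length === 0) {
    throw new Error(`No speaker named "${requestedName}". Known speakers: ${known}`);
  }
  throw new Error(`Speaker name "${requestedName}" matches ${matches.length} devices; be more specific`);
}

console.log(formatSpeakers(SAMPLE_DEVICES).join('\n'));
console.log(redactPrivateIps(SAMPLE_LOG));
console.log(`Target: ${resolveSpeaker(SAMPLE_DEVICES, 'kitchen').name}`);
```

The redaction deliberately keeps public addresses (such as the update-server address in the constructed log) so that a shared log still shows where the skill talked to outside the LAN, which is the part an auditor actually wants to see.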

VirusTotal

0/62 vendors flagged this skill; all 62 reported it clean.


Static analysis

No suspicious patterns detected.