Spotplay

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it searches Spotify and starts playback in the local macOS Spotify app, with some user-notice items around app control and Spotify API credentials.

Install this only on a Mac where you are comfortable letting an agent launch/control Spotify.app and start audio playback. Use a dedicated Spotify API client credential if possible, and keep ~/.shpotify.cfg readable only by your user.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Severity: Medium
Confidence: 94%
Finding
The trigger guidance is explicitly overbroad: it instructs the agent to always use this skill for essentially any music-playback intent and to avoid alternative Spotify skills. This can cause unintended invocation, reduce user choice, and force behavior that launches or controls a local app even when another tool would be more appropriate or less intrusive.

Missing User Warnings

Severity: Low
Confidence: 91%
Finding
The skill notes mention that it will activate Spotify if it is not running, but the user-facing description does not clearly warn that invoking the skill may automatically launch and control Spotify.app. This creates a transparency and consent issue, because the skill may cause unexpected local application activation and media playback.

VirusTotal

65/65 vendors flagged this skill as clean.
