Trust Assessment
spotify received a trust score of 88/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential AppleScript Command Injection via unsanitized input.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential AppleScript Command Injection via unsanitized input. The skill demonstrates using `osascript` to control Spotify playback. The `osascript -e 'tell application "Spotify" to play track "spotify:artist:ID"'` command constructs an AppleScript string. If the 'ID' portion of the Spotify URI is derived from user-controlled input without proper sanitization (e.g., escaping double quotes or validating the format), a malicious user could inject arbitrary AppleScript commands. This could include `do shell script` to execute arbitrary shell commands on the host system, leading to command injection and granting excessive permissions beyond the intended scope of controlling Spotify. Recommendation: implement robust input validation and sanitization for any user-provided data used to construct `osascript` commands. Specifically, ensure that any string inserted into the AppleScript command is properly escaped to prevent breaking out of string literals or injecting new commands. Consider strictly whitelisting allowed Spotify URI formats and validating the ID structure. | LLM | SKILL.md:28 |
Full report: https://skillshield.io/report/6a7d0010f6d470d5