Security Audit

spotify-player

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

spotify-player received a trust score of 83/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Potential for Command Injection via unsanitized user input to CLI tools, Dependency on third-party Homebrew tap introduces supply chain risk.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

78%

Behavioral Risk Signals

Shell Execution

1 finding

Dynamic Code

1 finding

Security Findings2

Severity	Finding	Layer	Location
HIGH	Potential for Command Injection via unsanitized user input to CLI tools The skill's documentation describes CLI commands (`spogo search track "query"`, `spogo device set "<name\|id>"`, `spotify_player search "query"`) that take user-provided arguments. If the AI agent constructs these commands by directly embedding untrusted user input without proper sanitization or escaping, it could lead to command injection, allowing an attacker to execute arbitrary shell commands. The AI agent should sanitize and properly escape all user-provided input before passing it as arguments to external shell commands. Consider using a library or framework that handles command argument escaping automatically.	LLM	SKILL.md:15
MEDIUM	Dependency on third-party Homebrew tap introduces supply chain risk The skill's manifest specifies the installation of `spogo` via a custom Homebrew tap (`steipete/tap`). Relying on third-party taps introduces a supply chain risk, as the integrity of the tap's contents is dependent on its maintainer. A compromise of the tap could lead to the installation of malicious software. Evaluate the trustworthiness and maintenance practices of `steipete/tap`. If possible, prefer official package repositories or well-vetted taps. Consider pinning specific versions or hashes if the package manager supports it, to mitigate risks from future tap compromises.	LLM	SKILL.md:1

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/e46f3c7132f7e71e.svg)](https://skillshield.io/report/e46f3c7132f7e71e)