spogo / spotify_player

Name: spotify-player
Author: steipete

Share on X Share on LinkedIn Share on Bluesky

40Medium

The skill risks command injection via unsanitized user input and could be tricked into importing browser cookies, compromising authentication tokens.

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

spogo / spotify_player: Use `spogo` **(preferred)** for Spotify playback/search. Fall back to `spotify_player` if needed.

Actually does

This skill installs `spogo` or `spotify_player` via `brew`. It then uses these tools to interact with Spotify, performing actions like searching for tracks, controlling playback, managing devices, and importing authentication cookies from a browser (e.g., Chrome). It also accesses configuration files located in `~/.config/spotify-player`.

Threat Analysis

AI Agent Traps ↗Scanned 4/15/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learningclean

Behavioural ControlAction2 findings

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namesteipete/spotify-player

Registryclawhub

Version1.0.0

PURLpkg:clawhub/steipete/spotify-player@1.0.0

Stars45

Downloads21,646

Installs1,145

Source

Repository ↗

SHA-2564a7a735fe86c...

SHA-1265de46b563c...

MD5fd10d6ce0826...

TLSHf321be4a0889...

Size1,369 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

OpenClawDocs

https://clawhub.ai/steipete/spotify-player

21,646 downloads1,145 installs

ClawHubDocs

openclaw skills install steipete/spotify-player

Assessments (1)

AI Agent Traps ↗

Potential Command Injection via User Inputmediumcommand execution

The skill documents CLI commands that accept user-provided 'query' strings. If the AI agent does not properly sanitize user input before passing it to these commands, it could lead to command injection.

80% confidenceline 26

spogo search track "query", spotify_player search "query"

Exposure of Sensitive Credential Import Operationmediumcredential harvesting

The skill explicitly mentions a command to import browser cookies. While intended for legitimate setup, an AI agent could be socially engineered or tricked into executing this command in an unintended context, potentially leading to the compromise of sensitive authentication tokens.

70% confidenceline 17

spogo auth import --browser chrome

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/clawhub/steipete/spotify-player.svg)](https://mondoo.com/ai-agent-security/skills/clawhub/steipete/spotify-player)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/clawhub/steipete/spotify-player"><img src="https://mondoo.com/ai-agent-security/api/badge/clawhub/steipete/spotify-player.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/clawhub/steipete/spotify-player.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow