spotify-player
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of local binaries including
spogoandspotify_playerto interact with the Spotify service. - [EXTERNAL_DOWNLOADS]: Installation instructions guide the user to download software from a third-party Homebrew tap (
steipete/tap) which is not an official system repository. - [DATA_EXFILTRATION]: Documentation includes instructions for
spogo auth import, a process that retrieves browser cookies to handle authentication, thereby accessing sensitive user session data.
Audit Metadata