Skills
skills/crafter-station/skills/spoti-cli/Gen Agent Trust Hub

spoti-cli

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various spoti-cli commands (e.g., search, recommend, create, me) to interact with the Spotify API. These commands are integral to the skill's primary function of managing music playlists.
  • [COMMAND_EXECUTION]: Uses the open command to launch Spotify URIs (spotify:playlist:...) or web URLs. This is a standard system operation for opening resources in their default applications.
  • [EXTERNAL_DOWNLOADS]: Instructs the user to install the spoti-cli utility globally using bun add -g spoti-cli. This is a standard prerequisite for using the tool and is performed by the user during initial setup.
  • [DATA_EXPOSURE]: The skill reads local files from the user's Obsidian vault (specifically 02_Journal/daily/{YYYY-MM-DD}.md) to infer mood for playlist generation. This access is explicitly described as a feature ('Vault-aware') and serves the primary purpose of the skill without signs of exfiltration.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 28, 2026, 02:08 AM