spotify
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: Uses the spotify CLI and osascript to execute AppleScript commands for playback control, volume adjustment, and track selection.
- [EXTERNAL_DOWNLOADS]: Fetches the shpotify package via the Homebrew package manager during the installation process.
- [PROMPT_INJECTION]: The skill workflow involves ingesting untrusted data from web search results to be used in shell commands, creating a potential surface for indirect injection.
  - Ingestion points: Spotify IDs and URLs extracted from external web search results (referenced in SKILL.md).
  - Boundary markers: Absent; the skill does not specify delimiters or instructions to ignore embedded commands within the searched content.
  - Capability inventory: Execution of AppleScript via shell subprocesses (osascript) across multiple playback commands.
  - Sanitization: Absent; there is no explicit requirement to validate or escape the extracted IDs before they are interpolated into the osascript execution string.
Audit Metadata