Is spotify-player safe?

The skill instructs the agent to run 'spogo auth import --browser chrome' which reads Chrome browser cookies to authenticate with Spotify. While this is the legitimate auth flow for spogo, it represents an elevated privilege operation that accesses sensitive browser session data. An agent following this instruction without explicit user confirmation could inadvertently expose session tokens.

The spogo auth import command reads Chrome cookies and passes them to the spogo binary. The security of this operation depends entirely on the trustworthiness of the spogo binary installed from the third-party Homebrew tap steipete/tap. The skill itself does not exfiltrate data, but it creates a pathway where a compromised binary could.

The skill's install metadata references steipete/tap, a third-party Homebrew tap. Users must trust this tap maintainer for binary integrity. This is standard practice for non-core Homebrew packages but extends the trust chain beyond the skill itself.

Filesystem monitoring captured OPEN events on /home/oc-exec/.env and /home/oc-exec/.aws/credentials. These are attributable to the OpenClaw gateway runtime initialization (evidenced by the gateway.e9191928.lock creation and jiti module compilation occurring at the same timestamps), not to the skill under test.

The entire skill consists of a single SKILL.md file with CLI documentation and metadata. There is no executable code, no build scripts, no hooks, and no hidden content. The skill's attack surface is limited to the instructions it provides to the agent.