← Back to Skills Marketplace
Spotify Player
by
Peter Steinberger
· GitHub ↗
· v1.0.0
26770
Downloads
55
Stars
1216
Active Installs
1
Versions
Install in OpenClaw
/install spotify-player
Description
Terminal Spotify playback/search via spogo (preferred) or spotify_player.
Usage Guidance
Install only if you trust the spogo CLI and are comfortable letting it import Spotify authentication from Chrome. Prefer an official OAuth or device-code login if available, and verify where spogo stores imported tokens and how to revoke them.
Capability Analysis
Type: OpenClaw Skill
Name: spotify-player
Version: 1.0.0
The skill bundle is classified as suspicious due to the `spogo auth import --browser chrome` command specified in `SKILL.md`. This command accesses sensitive browser cookies for authentication, which, while plausibly needed for the stated purpose of a Spotify player, represents a high-risk capability that could be abused. There is no clear evidence of intentional malicious behavior or prompt injection against the agent for data exfiltration or unauthorized actions within the provided files, but the direct access to browser data warrants a 'suspicious' classification.
Capability Assessment
Purpose & Capability
Spotify playback and search plausibly require authentication, and the documented spogo and spotify_player commands match the stated media-control purpose.
Instruction Scope
SKILL.md explicitly instructs `spogo auth import --browser chrome`, which uses local browser session material, but does not define what is read, where tokens are stored, or how access is limited.
Install Mechanism
The install metadata only declares Homebrew installs for spogo or spotify_player; the sensitive browser import appears as a user-visible setup step, not hidden automatic execution.
Credentials
Reading or importing browser authentication is high-impact access for a terminal Spotify player and is under-scoped in the artifact, even though authentication itself is expected.
Persistence & Privilege
The cookie import likely creates persistent local authentication state for playback control, but the artifact gives no revocation, containment, or safe-handling guidance.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install spotify-player - After installation, invoke the skill by name or use
/spotify-player - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Metadata
Frequently Asked Questions
What is Spotify Player?
Terminal Spotify playback/search via spogo (preferred) or spotify_player. It is an AI Agent Skill for Claude Code / OpenClaw, with 26770 downloads so far.
How do I install Spotify Player?
Run "/install spotify-player" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Spotify Player free?
Yes, Spotify Player is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Spotify Player support?
Spotify Player is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Spotify Player?
It is built and maintained by Peter Steinberger (@steipete); the current version is v1.0.0.
More Skills