High-risk tools in Spotify MCP Server
6 of the 51 tools in Spotify MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
spotify_nextExecuteSkip to the next track in the user
-
spotify_pauseExecutePause playback on the user
-
spotify_playExecuteStart or resume playback. Can optionally specify device, context (album/playlist URI), specific tracks, or starting position.
-
spotify_previousExecuteSkip to the previous track in the user
-
spotify_seekExecuteSeek to a specific position in the currently playing track.
-
spotify_transfer_playbackExecuteTransfer playback to a different device.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.