spotify-hub
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses the 'uv' package manager to download and manage the 'spotipy' library from the official Python Package Index (PyPI). This is the standard way to handle Python dependencies; the residual risk is the ordinary supply-chain risk of any PyPI package, which pinning the version and resolving through a lockfile keeps in check.
- [COMMAND_EXECUTION]: The skill uses 'subprocess.Popen' to launch a local authentication script ('spotify_auth.py'). Launching this script is a necessary and documented step to start the Spotify OAuth flow, not arbitrary command execution.
- [SAFE]: Sensitive API credentials such as the Client ID and Client Secret are read from environment variables rather than hardcoded in the source code.
- [SAFE]: The authentication script starts a local web server bound only to the loopback address '127.0.0.1', so the OAuth redirect endpoint is unreachable from other hosts on the network. This is the standard secure method for handling local OAuth redirects.
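The two [SAFE] findings describe a pattern rather than showing it. The following example, written for this audit page and not taken from the audited skill or from spotipy, shows the shape of a local OAuth flow that satisfies both findings: credentials come from environment variables (the variable names follow spotipy's convention and are an assumption), the redirect listener binds only to 127.0.0.1, and, going one step beyond what the audit mentions, the callback is accepted only if it carries the random 'state' value this process generated, which rejects stale or forged redirects. The authorize endpoint URL and the '/callback' path are assumptions, not facts from the page.

```python
import os
import secrets
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlencode, urlparse

# Assumption: Spotify's published authorization endpoint; not stated on the audit page.
AUTH_ENDPOINT = "https://accounts.spotify.com/authorize"
LOOPBACK_HOST = "127.0.0.1"  # the literal address, never "localhost" (hosts-file/DNS dependent)


def load_credentials(env=None):
    """Read client settings from the environment; fail fast if any is absent.
    Variable names follow spotipy's convention (assumption)."""
    env = os.environ if env is None else env
    names = ("SPOTIPY_CLIENT_ID", "SPOTIPY_CLIENT_SECRET", "SPOTIPY_REDIRECT_URI")
    missing = [n for n in names if not env.get(n)]
    if missing:
        raise RuntimeError("missing environment variables: " + ", ".join(missing))
    return {"client_id": env[names[0]], "client_secret": env[names[1]],
            "redirect_uri": env[names[2]]}


def loopback_port(redirect_uri):
    """Accept only http://127.0.0.1:<port>/... redirect URIs and return the port."""
    parsed = urlparse(redirect_uri)
    if parsed.scheme != "http" or parsed.hostname != LOOPBACK_HOST or parsed.port is None:
        raise ValueError(f"redirect URI must be http://{LOOPBACK_HOST}:<port>/...: {redirect_uri!r}")
    return parsed.port


def build_authorize_url(client_id, redirect_uri, scope, state):
    """Authorization-code request URL; 'state' ties the redirect back to this run."""
    params = {"client_id": client_id, "response_type": "code",
              "redirect_uri": redirect_uri, "scope": scope, "state": state}
    return AUTH_ENDPOINT + "?" + urlencode(params)


def parse_callback(path, expected_state):
    """Validate the redirect request path and return the authorization code."""
    query = parse_qs(urlparse(path).query)
    state = query.get("state", [""])[0]
    # Constant-time compare; a mismatch means the redirect was not started by this process.
    if not state or not secrets.compare_digest(state, expected_state):
        raise ValueError("state mismatch: redirect not initiated by this process")
    if "error" in query:
        raise ValueError("authorization server returned error: " + query["error"][0])
    code = query.get("code", [""])[0]
    if not code:
        raise ValueError("callback carries no authorization code")
    return code


class _CallbackHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        try:
            self.server.code = parse_callback(self.path, self.server.expected_state)
            status, body = 200, b"Authorization received; you may close this tab."
        except ValueError as exc:
            self.server.error = str(exc)
            status, body = 400, b"Authorization failed."
        self.send_response(status)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):
        pass  # keep the code and state out of stdout/log files


class CallbackServer(HTTPServer):
    """One-shot listener bound strictly to the loopback address."""

    def __init__(self, expected_state, port=0):
        super().__init__((LOOPBACK_HOST, port), _CallbackHandler)
        self.expected_state = expected_state
        self.code = None
        self.error = None

    @property
    def redirect_uri(self):
        return f"http://{LOOPBACK_HOST}:{self.server_address[1]}/callback"

    def wait_for_code(self, timeout=120):
        self.timeout = timeout      # honoured by handle_request()
        self.handle_request()       # serve exactly one request, then stop
        self.server_close()
        if self.code is None:
            raise RuntimeError(self.error or "no redirect received before timeout")
        return self.code


def run_flow(scope="user-read-playback-state"):
    """Full local flow: print the authorize URL, wait for the loopback redirect."""
    creds = load_credentials()
    state = secrets.token_urlsafe(32)
    server = CallbackServer(state, port=loopback_port(creds["redirect_uri"]))
    print("Open in a browser:", build_authorize_url(creds["client_id"],
                                                    creds["redirect_uri"], scope, state))
    return server.wait_for_code()


if __name__ == "__main__":
    print("authorization code:", run_flow())
```

The returned code is then exchanged for tokens with the client secret; that exchange is what spotipy performs for the skill and is out of scope here. Binding to a fixed port means the registered redirect URI must name that same port; port 0 is used only when no URI is registered yet, as in the test.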
Audit Metadata