We checked this and rejected itsecurity

Apple Music: why it is not safe to use

Apple Music (kennethreitz/mcp-applemusic) passed at 92/100; the only caveat is the macOS Automation permission it needs to control the Music app.

What we found

This skill passed our review at 92/100. Across our checks it was clean: no hidden or injected instructions, no network calls or external fetches, no API keys or credentials, no keychain or Apple ID access, and no shell, file, or system-level commands. The code is straightforward, readable Python (FastMCP) with no obfuscation. Its actions run entirely on the local Mac through AppleScript and control the already-signed-in Music app.

Our one flagged item is a permission caveat, not a defect. To send AppleScript to Music.app, the skill needs macOS Automation permission, which you grant on first use. `osascript` is the correctly scoped path for this, and creating playlists writes to your local music library. Nothing we saw sends data off the device.

What to do instead

You can use this skill as reviewed. When macOS prompts, grant Automation access only for controlling Music, and review that grant in System Settings, Privacy and Security, Automation if you want to revoke it later. Expect new or changed playlists in your library, since that is how the skill works. If you prefer not to let automation write to your library, skip the playlist features and keep it to playback controls.

Want the same outcome, safely? Use our checked skill instead.

Source: https://github.com/kennethreitz/mcp-applemusic

We report what our security review found at the time we checked, with the goal of keeping people safe. Projects change; if a maintainer has since fixed this, we are glad to recheck it. Email hello@agentpod.com.

Copied to clipboard. Paste it into your AI (ChatGPT, Claude, or your agent) to add the skill.