Not every "Spotify no ads" script is benevolent. Because these patchers require administrative privileges to modify Spotify’s installation folder, malicious actors have disguised keyloggers and info-stealers as Spotify patchers. A popular "ad blocker" could actually be uploading your saved passwords and browser cookies to a remote server.
GitHub does not scan every file for viruses. Because Spotify mods require deep system access (memory manipulation or hosts file editing), bad actors hide keyloggers and crypto-miners inside "Spotify Patchers." spotify no ads github