Skill v1.0.0
ClawScan security
Apple Contacts · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 4, 2026, 4:25 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This skill is internally consistent with its stated purpose: a macOS Contacts CLI that requires Contacts permission and Python dependencies and does not request unrelated credentials or network access.
- Guidance: This skill will access and modify your local macOS Contacts database — grant Terminal (or the agent host) Contacts permission only if you trust the author and have reviewed the script. The code uses the native Contacts framework (via pyobjc) and runs osascript for group removal; review scripts/mac-contacts.py before use to confirm there are no unexpected network calls or data exfiltration paths. Ensure you have backups or are comfortable with the tool creating/updating/deleting contacts before running tests or commands that modify data.
Review Dimensions
- Purpose & Capability: ok. Name/description match the included files and instructions. The skill is a CLI wrapper around CNContactStore (macOS Contacts) and requires pyobjc and PyYAML — these are appropriate for the claimed functionality. No unrelated binaries, config paths, or external services are requested.
- Instruction Scope: ok. SKILL.md instructs the agent to run the included Python script, install the listed Python packages, and grant Contacts permission to Terminal/agent host. The runtime instructions and examples focus on searching, showing, creating, updating, deleting contacts, and managing groups. The instructions do not ask the agent to read unrelated files or environment variables or to send data to external endpoints. Note: the tool will read and modify the user's Contacts database (sensitive data) and uses osascript for group removal workarounds.
- Install Mechanism: ok. No automated install spec is provided (instruction-only install), so nothing is downloaded or executed automatically. Dependencies are standard Python packages (pyobjc-framework-Contacts and pyyaml) installed via pip — this is proportionate for a Python CLI that uses the macOS Contacts framework.
- Credentials: ok. The skill declares no required environment variables, no credentials, and no config paths. That is proportionate: accessing the macOS Contacts store requires OS permission but not additional secrets. The lack of requested credentials matches the stated purpose.
- Persistence & Privilege: ok. The skill is user-invocable and not always-enabled; it does not request elevated persistence or modifications to other skills or system-wide agent settings. Autonomous invocation is allowed by default (disable-model-invocation=false) but that is the platform default and not, by itself, a red flag.
