Back to skill
Skillv1.1.0
VirusTotal security
macOS Notification Reader · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:07 AM
- Hash
- b4d5e55bd466864b4210c7471825f829ca858e271abf0b455282f6b90dcb5a7d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: macos-notification-reader Version: 1.1.0 The skill requires Full Disk Access to read the macOS notification database (~/Library/Group Containers/group.com.apple.usernoted/db2/db), which contains sensitive private data such as message previews and potentially 2FA codes. While the core script (read_notifications.py) and wrappers (work-summary.sh) appear to process data locally and lack exfiltration logic, the requirement for broad system permissions and the use of a predictable temporary file path (/tmp/notif_pipeline.db) present significant privacy and security risks.
- External report
- View on VirusTotal