Back to skill
Skillv1.0.1
VirusTotal security
Safari Control · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousMar 24, 2026, 4:01 PM
- Hash
- 75557960fdee5534a28d5e148d124b03cf913407ca209a255dcf4ef970d212fd
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: safari-control Version: 1.0.1 The safari-control skill provides an AI agent with extensive control over a user's live Safari session on macOS, including arbitrary JavaScript execution (run-js, eval-js), native UI automation, and session data extraction (save-session, save-page-bundle). The SKILL.md instructions explicitly guide the agent to ask the user to lower Safari's security settings, such as 'Allow JavaScript from Apple Events' and 'Allow Automation.' While these capabilities are plausibly required for the stated purpose of browser automation, they represent a high-risk attack surface that could be used to interact with sensitive logged-in sessions or exfiltrate page content. The inclusion of self-packaging and release commands (build, release) in the scripts/safari_control.swift tool is also unusual for a standard skill bundle.
- External report
- View on VirusTotal