Mac Disk Audit

Security checks across malware telemetry and agentic risk

Overview

This Mac cleanup skill is mostly purpose-aligned, but it gives risky permanent-delete commands while also making inconsistent safety promises about confirmation and Trash-based deletion.

Install only if you are comfortable reviewing every cleanup command manually. Do not run the provided rm -rf or sudo rm -rf examples unless you have checked each path, understand that deletion may be irreversible, and have backups; prefer Trash/Finder-based cleanup where possible.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Intent-Code Divergence

High

Confidence: 98% confidence
Finding: The skill’s own safety policy says deletions should go through Trash/Finder, but it recommends irreversible `rm -rf` deletion instead. That contradiction increases the chance an agent or user will treat permanent deletion as approved, leading to immediate, unrecoverable data loss.

Intent-Code Divergence

Medium

Confidence: 93% confidence
Finding: The metadata promises the skill will only report and wait for user confirmation, yet the body includes '无需确认' cleanup guidance and direct destructive commands presented as safe. This mismatch can mislead downstream agents and users into underestimating risk and executing deletion commands without adequate review.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal