
Security audit

TouchBridge — Phone Biometric Auth for Mac

Security checks across malware telemetry and agentic risk

Overview

The skill matches its stated purpose, but it puts third-party software into the Mac sudo/authentication path and gives installation/testing instructions that need careful review.

Install only if you intentionally trust this project to modify your Mac authentication path. Verify the package or source provenance before installing, avoid simulator mode except in controlled testing, prefer paired-device production approval over browser URL approval, and make sure you know how to restore the original PAM configuration before relying on it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill instructs users to download and run a macOS .pkg installer from GitHub for software that integrates with authentication flows, but it does not clearly warn that installation may modify PAM/authentication behavior or require elevated trust. Installing a package that affects sudo and system prompts can materially change the local security boundary, so omitting explicit trust and system-change warnings is dangerous.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill advertises handling sudo and screensaver unlock, then later documents weaker modes such as simulator auto-approve and browser-based approval, but the security downgrade is not prominently warned at the point of use. Because these flows mediate privileged authentication, insufficient warning can lead users to enable insecure testing modes in real environments and unintentionally weaken system access controls.

Missing User Warnings

Medium
Confidence: 94%
Finding
The setup instructions tell users to run a privileged shell script with sudo, but do not clearly explain that this modifies PAM/authentication behavior and installs a daemon affecting system login or sudo approval flows. Because this skill’s purpose is to intercept or alter privileged authentication on macOS, silent execution of root scripts is especially dangerous: a compromised or buggy script could weaken authentication, persist privileged components, or lock users out.

Missing User Warnings

Medium
Confidence: 96%
Finding
The documentation instructs users to download a package from a remote release URL and open it, but gives no trust warning, signature verification, checksum, or explanation of the system-level impact. In the context of a tool that integrates with sudo and macOS authentication prompts, installing an unverified package is particularly sensitive because it could grant an attacker a path to privileged code execution or authentication bypass.

VirusTotal

65/65 vendors flagged this skill as clean.
