ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

xcodebuildmcp

v1.0.0

Use when the user needs Xcode build/test/run workflows, simulator or device control, UI automation, screenshots/video, logs, or LLDB debugging through XcodeBuildMCP tools. Includes discovery of projects/schemes, session defaults, and common simulator/device workflows.

2· 2.4k·7 current·7 all-time
by@ipavlidakis
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md clearly targets Xcode build/test/run and simulator/device control via XcodeBuildMCP tools — that matches the skill name/description. However the registry metadata does not declare the implicit platform requirements (macOS, Xcode, Node) or required binaries; this is an inconsistency in metadata (the skill will only work on macOS with Xcode installed).
Instruction Scope
The runtime instructions stay within the stated domain: discovering projects/schemes, setting session defaults, running builds/tests, simulator/device control, UI automation, logs, screenshots and LLDB debugging. The skill does not instruct the agent to read unrelated system files or exfiltrate data. Note: gathering logs/screenshots and attaching LLDB debugger are powerful actions that may expose sensitive app/device data — the instructions mention avoiding destructive actions unless requested, which is appropriate.
Install Mechanism
There is no install spec in the registry (instruction-only), which is low risk. The reference docs recommend using 'npx xcodebuildmcp@latest' or a global 'xcodebuildmcp' binary; these are normal but mean the agent/operator will run code from the npm ecosystem. The references also list an 'npx -y @smithery/cli install' helper. These are reasonable but you should verify the upstream npm packages before running installs.
!
Credentials
The skill declares no required env vars or credentials, which is consistent with being an instruction-only wrapper. However real operations (device installs, debugging) typically require macOS/Xcode, Node, and may require code‑signing credentials, provisioning profiles, or Keychain access on the host — none of which are mentioned in metadata. The omission of an explicit OS restriction (macOS) and missing notes about signing/Keychain access is a proportionality/clarity gap the user should be aware of.
Persistence & Privilege
The skill is instruction-only, has no install spec that writes to disk in the registry, and 'always' is false. It does not request persistent presence or privileged modifications to other skills or system settings in its instructions.
What to consider before installing
This skill appears to be what it claims: a set of runtime instructions for controlling XcodeBuildMCP tools. Before installing or using it, consider: - You must run this on macOS with Xcode (and likely Node) installed — the registry metadata doesn’t state that, so confirm your environment first. - The references suggest installing the MCP server via npx or a global package. Running 'npx xcodebuildmcp@latest' or @smithery/cli will fetch and execute code from npm — only run those if you trust the package and its maintainer. Review the npm package/source repo before installing. - Actions like installing on a physical device, collecting logs/screenshots, or attaching LLDB can expose sensitive information (app data, logs, keystores). Only run against devices/projects you control or where you’ve validated privacy/security requirements. - The metadata omission of platform requirements and any mention of code‑signing/Keychain access is a red flag for sloppy packaging (not necessarily malicious). If you need higher assurance, ask the publisher for the upstream repo/source for the MCP server and verify the code and release provenance before running the recommended npx/global installs.

Like a lobster shell, security has layers — review code before you run it.

latestvk974kpbmq2xww44j0asygpa7xx809r88

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments