AirTag

Review

Audited by ClawScan on May 1, 2026.

Overview

The skill is coherent and mostly safety-conscious, but it handles sensitive Apple Find My/AirTag location access that users should enable carefully.

This skill does not show malicious behavior in the provided artifacts, but it deals with sensitive location and Apple account context. Prefer the lowest-scope mode, avoid unofficial API tooling unless you trust it, never share Apple ID passwords, and review or delete local ~/airtag/ notes when they are no longer useful.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If enabled, the agent or chosen connector may be able to view sensitive Find My item location state for account-visible AirTags.

Why it was flagged

The skill is explicitly designed for account-level AirTag access, which is sensitive because it can reveal item locations tied to the user's Apple account.

Skill content

Use this skill when the user wants the agent to access any AirTag in their Apple account

Recommendation

Use the narrowest access mode that solves the task, prefer Shared Link Mode for one item when possible, and do not share Apple ID passwords or unreviewed credential material.

What this means

Granting UI automation permissions can let an automation bridge interact with the Find My app and potentially other visible UI depending on the bridge.

Why it was flagged

Direct App Control relies on local UI automation permissions, which can be broad OS-level authority even though it is disclosed and aligned with controlling Find My.app.

Skill content

Requires UI automation permissions

Recommendation

Grant Accessibility or Screen Recording permissions only to trusted automation tools and revoke them when AirTag support is no longer needed.

What this means

Using an unofficial connector can create account, reliability, or privacy risk if the connector is poorly maintained or mishandles session data.

Why it was flagged

The skill discloses that one access mode depends on external unofficial tooling for Apple's private protocols; that dependency is not bundled here and must be trusted separately.

Skill content

Programmatic API Mode (`findmy`) ... Unofficial/private-protocol stack

Recommendation

Only use Programmatic API Mode with a connector you have independently reviewed and configured, and prefer local app control or a shared link when sufficient.

What this means

Local notes could reveal sensitive routines, item ownership, lost-item history, or safe-zone locations to anyone with access to those files.

Why it was flagged

The skill defines persistent local memory that can contain AirTag inventory, incident timelines, and frequent-location context.

Skill content

~/airtag/ ... items.md ... incidents.md ... maintenance.md ... safe-zones.md

Recommendation

Keep the ~/airtag/ folder private, avoid storing credentials or unrelated personal details, and periodically delete incident or safe-zone notes that are no longer needed.