ClawHub

AppleScript

v1.0.0

Write and run safe AppleScript automation on macOS with dictionary discovery, robust quoting, and deterministic read-first workflows.

1· 492·4 current·4 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the declared requirements: OS restriction is darwin, required binary is osascript, and the skill's workflows focus on AppleScript dictionary discovery and safe execution. There are no unrelated binaries, environment variables, or unusual config paths requested.
Instruction Scope
SKILL.md and the included docs instruct the agent to inspect app dictionaries, construct bounded AppleScript probes, run osascript, and store/read notes under ~/applescript/. The instructions emphasize read-before-write, explicit confirmation for destructive actions, and do not direct data to external endpoints or ask for unrelated system secrets.
Install Mechanism
There is no install spec (instruction-only skill), so nothing is downloaded or written to disk by an installer. This is the lowest-risk install model.
Credentials
The skill declares no required environment variables or credentials and only uses a local config/memory path. Persistent storage is limited to ~/applescript/ which is proportional to the stated purpose.
Persistence & Privilege
The skill persists memory and notes in ~/applescript/ by design. always is false (not force-included). SKILL.md requires explicit user confirmation before creating or modifying local files, which mitigates risk—users should still review what gets stored.
Assessment
This skill appears coherent and low-risk, but review these before installing or running: 1) Confirm you are on macOS and that osascript is the intended execution path; 2) Do not grant blanket permission to create or modify files—allow writes only after the agent explains what it will store in ~/applescript/; 3) Be cautious with destructive actions: follow the two-step confirmation the skill requires and verify read-back results; 4) Expect macOS Automation/privacy prompts for target apps—grant them only to apps you trust; 5) Because the skill is instruction-only and the source is 'unknown', prefer manual review of any first-run scripts the agent proposes and do not enable automatic activation for broad scenarios. If you want higher assurance, ask the maintainer for a repository or code audit before enabling persistent memory.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fbdpxje7h80d91qg4ygwtpn82540e

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

A Clawdis
OSmacOS
Binsosascript

Comments