macOS Automator

Security checks across malware telemetry and agentic risk

Overview

This is a transparent macOS Automator helper, but users should review workflow side effects before letting it run or edit automations.

Install only if you want an agent to drive local macOS Automator workflows. Before running or editing a workflow, confirm the exact path, inputs, expected side effects, rollback or backup plan, and any macOS permission prompts; avoid storing secrets in the skill's local memory files.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill provides concrete instructions to open, modify, and execute Automator workflows via AppleScript and the automator tooling without any explicit warning that workflows can change files, invoke applications, or otherwise alter system state. In this context, omission of safety guardrails increases the chance an agent or user will run non-trivial workflows on the host with insufficient review, leading to unintended file changes, application actions, or permission-prompt driven side effects.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal