iCloud
Security checks across malware telemetry and agentic risk
Overview
This iCloud skill is transparent about using local Apple authentication for user-directed iCloud Drive, Photos, and Find My actions, with clear confirmation and privacy safeguards.
Install only if you are comfortable letting an agent operate your own iCloud account through local prompts. Do not paste Apple credentials or 2FA codes into chat, review the pyicloud dependency, prefer session-only mode if you do not want local notes, and approve risky actions only after checking the exact device ID or iCloud Drive path.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.