iCloud
PassAudited by ClawScan on May 1, 2026.
Overview
The skill is transparent about using your Apple account locally to operate iCloud, with confirmation gates, but it still involves sensitive iCloud access and optional local operational memory.
Install only if you are comfortable letting an agent access your iCloud account through local authentication. Do not paste Apple credentials into chat, review the pyicloud dependency, use session-only mode if you do not want local memory, and require exact confirmation for device actions, deletes, renames, uploads, or bulk downloads.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can access iCloud data and services after the user authenticates locally.
The skill uses local Apple ID credentials to create an iCloud API session. This is expected for the stated purpose and avoids chat-based credential collection, but it grants sensitive account-level access.
user = input("Apple ID: ").strip()
pwd = getpass.getpass("Apple password: ")
api = PyiCloudService(user, pwd)Only use this with your own Apple account, never paste credentials into chat, and confirm the exact iCloud areas and devices the agent may access.
If approved, the agent could change iCloud Drive content or trigger Find My actions on a device.
The skill documents actions that can affect devices or cloud files, but it also requires user confirmation and scoped targets before those actions.
Treat lost mode, message push, file rename/delete, and bulk upload as risky. Before running risky actions, summarize target, effect, and rollback option, then request explicit confirmation.
Before approving any risky action, check the exact device ID or file path, the expected effect, and the rollback plan.
Installing the dependency runs and uses third-party package code on the user's machine.
The skill relies on a third-party PyPI package. The dependency is pinned and disclosed, but it is still part of the trust boundary.
python3 -m pip install --user pyicloud==2.4.1
Install only if you trust the pyicloud package and prefer using a dedicated Python environment if you want stronger isolation.
Local notes could reveal device names, iCloud Drive paths, or previous account operations to anyone with access to the machine.
The skill can persist local operational context such as device mappings, verified paths, and operation logs. It says not to store secrets, but the retained context may still be sensitive.
Memory lives in `~/icloud/`... operations-log.md... device-map.md... drive-map.md... safety-events.md
Use session-only mode if you do not want persistence, and review or delete ~/icloud/ if you stop using the skill.