Mirroir

Security checks across malware telemetry and agentic risk

Overview

Mirroir is transparently meant to control a real iPhone, but it gives broad agent control over logged-in phone apps and installs privileged macOS helpers with limited safety scoping.

Install only if you intentionally want an agent to view and control your real iPhone. Prefer Homebrew or an inspected package over curl-to-bash, supervise sessions, close sensitive apps and notifications, require manual confirmation before sending messages, submitting forms, changing settings, recording, or using credentials, and review or remove the helper daemon, Karabiner extension, Screen Recording, and Accessibility permissions when done.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill explicitly enables remote interaction with a real iPhone, including reading on-screen content, typing text, launching apps, and sending messages, but it does not present an explicit privacy/safety warning or require strong user-confirmation guidance for sensitive actions. Because iPhone Mirroring exposes potentially private content from any visible app, an agent using this skill could access or act on messages, accounts, or settings in ways the user may not fully anticipate.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal