Macos Connectivity Restore

Security checks across malware telemetry and agentic risk

Overview

This skill matches its stated Mac settings-repair purpose, but its optional startup installer creates persistent root-level execution with weak containment and limited cleanup guidance.

Install only if you are authorized to change managed Mac policy. Prefer the one-time restore scripts over the startup installer. Treat the reboot-persistence option as requiring careful review, explicit admin approval, and a clear uninstall plan before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Rogue Agent: Self-Modification, Session Persistence
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill declares shell-capable operational steps, including root-level scripts and startup-item installation, but does not declare permissions or present an explicit trust boundary. That omission increases the risk that an agent or user may run privileged and persistent system changes without adequate review or consent.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The installer creates and loads a persistent root LaunchDaemon and a user LaunchAgent to run on startup, which exceeds a one-time settings repair and materially expands the trust and attack surface of the skill. Because the script installs persistence with elevated privileges, any weakness in the referenced restore scripts or later tampering with their paths could lead to recurring privileged execution.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill instructs installation of a LaunchDaemon and LaunchAgent to reapply changes across reboot/login, but it does not prominently warn that this creates persistent system behavior. Persistent startup mechanisms materially increase risk because they survive reboot and can repeatedly enforce settings or execute code without renewed user intent.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The script writes persistent LaunchAgent/LaunchDaemon files and later performs privileged launchctl changes without presenting a clear user-facing warning about installing startup persistence. Hidden or poorly disclosed persistence is risky because users may authorize admin privileges for a 'settings fix' without understanding that it will survive reboot and keep executing automatically.

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
## Scripts

- `scripts/restore-root.sh`
  - Run as root. Fixes the managed preference files under `/Library/Managed Preferences`.
- `scripts/restore-user.sh`
  - Run as the logged-in user. Sets AirDrop receiving mode to `Contacts Only`.
- `scripts/install-startup.sh`
Confidence
88% confidence
Finding
Run as root

Session Persistence

Medium
Category
Rogue Agent
Content
1. Ensure this skill has been installed to a stable path under `~/.claude/skills/macos-connectivity-restore`.
2. Run `scripts/install-startup.sh`.
3. Confirm these startup items exist:
   - `/Library/LaunchDaemons/com.joseph.macos-connectivity-restore.root.plist`
   - `~/Library/LaunchAgents/com.joseph.macos-connectivity-restore.user.plist`

## Verification Commands
Confidence
95% confidence
Finding
plist

Session Persistence

Medium
Category
Rogue Agent
Content
2. Run `scripts/install-startup.sh`.
3. Confirm these startup items exist:
   - `/Library/LaunchDaemons/com.joseph.macos-connectivity-restore.root.plist`
   - `~/Library/LaunchAgents/com.joseph.macos-connectivity-restore.user.plist`

## Verification Commands
Confidence
90% confidence
Finding
plist

VirusTotal

62/62 vendors flagged this skill as clean.
