imsgctl

Security checks across malware telemetry and agentic risk

Overview

This is a clearly disclosed, read-only Apple Messages inspection skill, but it can expose very private chats and should be used narrowly.

Install only if you intentionally want an agent to inspect Apple Messages data on this machine or an imsgkit replica. Prefer specific chat IDs, small limits, and time windows; avoid attachment access unless needed; grant Full Disk Access only when necessary; and stop watch mode when live monitoring is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill guides an agent to access highly sensitive local Apple Messages data, including message history, attachments, and live monitoring, without an explicit privacy warning or a requirement to confirm user authorization before use. In an agent setting, this omission increases the risk of over-collection or unauthorized surveillance-like behavior, especially because the workflow normalizes broad chat inspection and continuous watching of new activity.

VirusTotal

63/63 vendors flagged this skill as clean.
