iCloud Find My
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill is purpose-aligned for Find My lookups, but it gives the agent reusable iCloud/Find My access to sensitive family location data, persists account information, and documents unsafe parsing.
Install only if you are comfortable letting the agent use a saved iCloud session to query Find My data. Require explicit approval for family-location and proactive monitoring use, avoid storing your Apple ID in general workspace notes, verify the PyiCloud dependency, and replace the documented `eval()` parsing with a safer parser.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
1. The agent could query sensitive family device locations and battery status more broadly or proactively than a user expects.
Details: The documented command lists family devices, and the proactive-use instructions encourage the agent to check location context and infer home/away status without defining per-use approval, device scope, or monitoring limits.
Evidence: `icloud --username APPLE_ID --with-family --list` ... `Proactive Use Cases` ... `Location context` ... `Home/away detection`
Recommendation: Make user-requested, named-device lookups the default; require explicit opt-in and confirmation for family-device queries, proactive checks, and home/away inference.
2. A saved iCloud session lets the agent repeatedly access account-backed Find My information until the session expires.
Details: This creates a long-lived authenticated iCloud session that can access Find My data; the instructions do not clearly limit which account privileges or devices the agent may use after authentication.
Evidence: "Ask the user for their Apple ID ... They'll need to enter their password and complete 2FA. The session will be saved and lasts 1-2 months."
Recommendation: Clearly declare the iCloud credential/session requirement, document how to revoke it, and require user confirmation before each sensitive location query.
3. The Apple ID may be exposed in workspace files or reused in later tasks outside the user's immediate intent.
Details: The skill tells the agent to persist an account identifier in general workspace memory, but does not specify retention, access controls, or limits on future reuse.
Evidence: "Add the Apple ID to your TOOLS.md or workspace config so you remember it for future queries"
Recommendation: Store account identifiers in a scoped secure configuration or credential manager, avoid putting them in general agent memory, and provide a cleanup procedure.
4. Unexpected code could run locally if the parsed location text is manipulated or not in the expected format.
Details: The documented parsing approach executes text received from the CLI/provider as Python code, which is unnecessary for parsing coordinates and can be unsafe if the input is malformed or attacker-influenced.
Evidence: "Location is a Python dict (use `eval()` or parse with regex)"; `python3 -c "import sys; loc = eval(sys.stdin.read()); ..."`
Recommendation: Replace `eval()` with `ast.literal_eval`, JSON parsing, or explicit regex extraction of latitude and longitude.
5. Installing the skill requires trusting the current Homebrew/pipx/PyiCloud supply chain.
Details: The skill depends on an external CLI package installed without a pinned version; this is expected for the integration but still leaves dependency provenance and update behavior to the package managers.
Evidence: `brew install pipx && pipx install pyicloud`
Recommendation: Verify the package source before installing and consider pinning or reviewing the PyiCloud version used.
