clawdbot-macos-build
Security checks across malware telemetry and agentic risk
Overview
This skill is purpose-aligned, but it asks the agent to build and launch a high-privilege macOS app from unpinned remote source code and does not define clear containment or uninstall controls.
Install only if you trust the Clawdbot GitHub project and need this macOS companion. Before running the quick-build commands, pin or review the repository version, inspect package scripts and scripts/package-mac-app.sh, and confirm before sudo, /Applications install, first launch, macOS permission approvals, launchd service setup, remote gateway configuration, or deep-link enablement. Confirm how to disable remote access and uninstall the app before granting camera, microphone, screen recording, Accessibility, or persistent service permissions.
SkillSpector
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.