Macos Bridge

Security checks across malware telemetry and agentic risk

Overview

This skill clearly installs SSH-based wrappers so a Linux OpenClaw gateway can use selected Mac-only tools, with the main risk being delegated access to the configured Mac account.

Install only for Macs you control on a trusted local network. Review the rendered tool-to-host map, use explicit mappings for sensitive tools, prefer a restricted SSH key/account, pin known_hosts where possible, and remember that any future agent able to run these wrappers can act through the configured Mac tools.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 90% confidence
Finding: The skill instructs the agent to read local configuration files and execute shell scripts, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: an operator may approve the skill believing it is low-privilege, while it can still access filesystem data and run commands that install wrappers, modify target directories, and invoke SSH or Wake-on-LAN behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal