ClawHub

MyMacOptimizer

v1.0.0

My Mac Optimizer Controller

0· 209·0 current·0 all-time
by@maximouribarri
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the SKILL.md: all commands target a local My Mac Optimizer backend at http://127.0.0.1:8000 and implement expected optimizer actions (performance checks, scan/clean, uninstall, delete files). No unrelated credentials, binaries, or installs are requested.
Instruction Scope
Instructions are limited to curl calls to localhost endpoints. However several endpoints are destructive (/api/apps/delete, /api/files/delete). The SKILL.md includes a note to ask for user confirmation, but the instructions as written allow the agent to perform file/app deletion if invoked; confirm-before-delete behavior depends on the agent's runtime safeguards.
Install Mechanism
Instruction-only skill with no install spec or code files — nothing will be written to disk by the skill itself. This is low risk from an install perspective.
Credentials
No environment variables, credentials, or config paths are requested and the instructions do not reference any hidden credentials. The skill relies on a local HTTP API only.
Persistence & Privilege
always:false (normal). The skill can be invoked autonomously by the agent (platform default). Combined with destructive endpoints, this increases risk unless the agent strictly enforces user confirmation before executing POST/delete operations.
Assessment
This skill is coherent for controlling a local Mac optimizer, but before installing or using it: (1) Verify that the 'My Mac Optimizer' app is a legitimate program you installed and that its local API is intentionally bound to 127.0.0.1 and protected (preferably requires auth). (2) Require the agent to present the exact items it plans to delete/uninstall and obtain explicit user approval for each destructive action. (3) Test with safe read-only endpoints (performance, scan, apps listing) first. (4) Consider disabling autonomous invocation or restricting when/which destructive endpoints the agent may call if you want tighter control. (5) Do not run delete/uninstall commands until you have confirmed the target file/app path is correct and backed up if necessary.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cdxfgzwpst3bsdz9c4jntxs82ck8t

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments