Find My Location

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for Apple Find My location lookup, but it needs review because it combines precise live location tracking with broad screen-capture and UI-control permissions and an unauthenticated local click helper.

Install it only if you are comfortable granting Screen Recording and Accessibility permissions and using your own Apple Find My session for precise location lookup. Configure the target explicitly, skip the Hammerspoon click server unless you can restrict or remove it, close sensitive windows before running (the skill captures the screen), delete the /tmp screenshots after use, and use it only for contacts who knowingly share their location with you.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Rogue Agent: Self-Modification, Session Persistence
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (9)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
}

def run(cmd):
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout.strip()

def load_config():
    if os.path.exists(CONFIG_PATH):
Confidence
98% confidence
Finding
return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout.strip()
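The flagged `run()` hands one string to `/bin/sh -c`, so anything interpolated into that string (the configured target name, a value read from USER.md) can close the caller's quotes and append commands. The following added example is not the skill's code: it places the flagged pattern beside two hardened forms, an argv list with no shell and, where a shell is unavoidable, `shlex.quote` on every untrusted piece. `echo` stands in for whatever commands the real `run()` drives, and `HOSTILE_TARGET` is a constructed sample input.

```python
import shlex
import subprocess

# Constructed sample input, shaped like an attacker-controlled target name
# from config or USER.md: it closes the caller's double quote and appends
# its own command.
HOSTILE_TARGET = 'Alice"; echo INJECTED; echo "'


def run_unsafe(cmd: str) -> str:
    """The flagged pattern: one string handed to /bin/sh -c."""
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout.strip()


def run_safe(argv: list[str]) -> str:
    """Hardened form: an argv list and no shell, so every element is exactly
    one argument and shell metacharacters inside it are never interpreted."""
    return subprocess.run(argv, capture_output=True, text=True).stdout.strip()


def lookup_unsafe(target: str) -> str:
    # Interpolating into a shell string: the target escapes the quotes and
    # the shell runs the injected command.
    return run_unsafe(f'echo "looking up {target}"')


def lookup_quoted(target: str) -> str:
    # If a shell really is needed (pipes, redirects), quote each untrusted
    # piece with shlex.quote before interpolating; the shell then sees it
    # as a single literal word.
    return run_unsafe(f"echo {shlex.quote('looking up ' + target)}")


def lookup_safe(target: str) -> str:
    # Preferred: no shell at all. The target reaches echo as one argument.
    return run_safe(["echo", f"looking up {target}"])


if __name__ == "__main__":
    print(repr(lookup_unsafe(HOSTILE_TARGET)))   # two lines: the lookup and INJECTED
    print(repr(lookup_quoted(HOSTILE_TARGET)))   # one literal line
    print(repr(lookup_safe(HOSTILE_TARGET)))     # one literal line
```

The unsafe variant returns two output lines because the shell executed the injected `echo INJECTED`; both hardened variants return the target verbatim, quotes and semicolons included, as plain text.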

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The Hammerspoon instructions create a persistent local HTTP service that can synthesize mouse clicks anywhere on the system, which is a much broader control surface than simply reading a contact's location. Even though it listens on localhost, any local process or malicious webpage exploiting localhost access patterns could abuse it to drive UI actions, potentially leading to unauthorized app interaction or privilege abuse.

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The skill reads USER.md files to infer a target name, even though that file is unrelated to the core function of querying Find My. This creates unnecessary access to potentially sensitive local profile data and couples location tracking to unrelated personal files, which broadens data exposure and enables unintended collection.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The README explicitly promotes precise tracking of a shared contact's location, including address-level output, screenshots, and contextual labeling such as home/work, but provides no privacy, consent, retention, or misuse guidance. In this skill context, that omission is especially dangerous because the feature set is inherently surveillance-capable and can facilitate stalking, coercive monitoring, or unnecessary exposure of sensitive location data.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The setup instructs users to grant Accessibility and Screen Recording permissions without clearly explaining that these are powerful OS-level permissions that can capture on-screen content and interact with other applications. In a tool designed to monitor another person's location, normalizing these permissions without warning increases the risk of overcollection and abuse well beyond the stated task.

Missing User Warnings

High
Confidence
97% confidence
Finding
This skill is explicitly designed to track another person's shared Find My location with street-level accuracy and capture screenshots, yet the documentation lacks prominent consent, privacy, retention, and lawful-use warnings. In this context, the omission is dangerous because it normalizes highly sensitive surveillance behavior and increases the risk of misuse against shared contacts without informed boundaries.

Missing User Warnings

High
Confidence
99% confidence
Finding
The script automates the Find My UI, forces the app frontmost, clicks coordinates, reads accessibility data, and captures a screenshot of the user's screen without meaningful user confirmation in the code path. In a location-tracking skill, this is especially sensitive because it can extract precise whereabouts and surrounding on-screen content, making the undisclosed automation materially dangerous.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The code reads personal data from USER.md and parses Find My accessibility output for email, city, state, and status information without clear minimization or disclosure. Because the skill's purpose is to track a shared contact's location, collecting and processing identity/location fields raises the sensitivity of this behavior and increases privacy risk.

Session Persistence

Medium
Category
Rogue Agent
Content
server:start()
```

Reload config (Hammerspoon menu → Reload Config), then create `~/.local/bin/hsclick`:
```bash
#!/bin/bash
curl -s -X POST localhost:9090/click -d "{\"x\":$2,\"y\":$3}"
Confidence
90% confidence
Finding
create `~/.local/bin/hsclick`: ```bash #!/bin/bash curl -s -X POST localhost:9090/click -d "{\"x\":$2,\"y\":$3}" chmod +x ~/.local/bin/hsclick ``` ## Installation ```bash git clone https://github.co
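The Context-Inappropriate Capability finding above and the hsclick wrapper shown in this finding's content describe the same weakness: an HTTP click endpoint on localhost that any local process, or any web page that the browser lets talk to localhost, can drive with a bare POST. The following added example is not code from the skill, from Hammerspoon, or from SkillSpector. It is written in Python as a stand-in for the Lua server, with click synthesis replaced by recording the coordinates, to show the two controls such a helper needs: refusing browser-originated requests (a browser attaches an Origin or Referer header to a cross-site POST; a local CLI helper sends neither) and requiring a per-session bearer token that the hsclick wrapper would read from a user-only file. The token handling, the ephemeral port, and the `post_click` client are assumptions of this example.

```python
import json
import secrets
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib import error, request

# Per-session secret (assumption). A real helper would write it to a file
# with mode 0600 so only the user's own processes, such as hsclick, can
# read it; a web page cannot.
CLICK_TOKEN = secrets.token_urlsafe(32)
# Stands in for hs.eventtap click synthesis: this example only records clicks.
CLICKS = []


class ClickHandler(BaseHTTPRequestHandler):
    def log_message(self, *args):  # silence per-request logging
        pass

    def do_POST(self):
        # Always drain the body first so the connection closes cleanly.
        try:
            length = int(self.headers.get("Content-Length", "0"))
        except ValueError:
            length = 0
        raw = self.rfile.read(length)
        # 1. Browsers add Origin (and usually Referer) to cross-site POSTs;
        #    a local CLI helper sends neither. Refusing them blocks the
        #    "malicious web page talks to localhost" path.
        if "Origin" in self.headers or "Referer" in self.headers:
            return self._reply(403, {"error": "browser-originated request refused"})
        # 2. Require the per-session secret, compared in constant time.
        auth = self.headers.get("Authorization", "")
        if not secrets.compare_digest(auth, f"Bearer {CLICK_TOKEN}"):
            return self._reply(401, {"error": "missing or invalid token"})
        if self.path != "/click":
            return self._reply(404, {"error": "unknown path"})
        try:
            body = json.loads(raw)
            x, y = int(body["x"]), int(body["y"])
        except (ValueError, KeyError, TypeError):
            return self._reply(400, {"error": "expected JSON {x, y}"})
        CLICKS.append((x, y))
        self._reply(200, {"clicked": [x, y]})

    def _reply(self, status, payload):
        data = json.dumps(payload).encode()
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)


def start_server():
    """Bind to loopback only, on an ephemeral port; returns (server, port)."""
    srv = HTTPServer(("127.0.0.1", 0), ClickHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]


def post_click(port, x, y, token=None, origin=None):
    """Client side, equivalent to the hsclick curl call; returns the HTTP status."""
    headers = {"Content-Type": "application/json"}
    if token is not None:
        headers["Authorization"] = f"Bearer {token}"
    if origin is not None:
        headers["Origin"] = origin  # what a browser would add on a page-initiated POST
    req = request.Request(f"http://127.0.0.1:{port}/click",
                          data=json.dumps({"x": x, "y": y}).encode(),
                          headers=headers, method="POST")
    try:
        with request.urlopen(req, timeout=5) as resp:
            return resp.status
    except error.HTTPError as exc:
        return exc.code


def demo():
    """Exercise the callers that matter; returns (status by caller, recorded clicks)."""
    CLICKS.clear()
    srv, port = start_server()
    try:
        statuses = {
            "anonymous_local_process": post_click(port, 10, 20),
            "web_page_with_stolen_token": post_click(port, 10, 20, token=CLICK_TOKEN,
                                                     origin="https://evil.example"),
            "wrong_token": post_click(port, 10, 20, token="guess"),
            "hsclick_with_token": post_click(port, 10, 20, token=CLICK_TOKEN),
        }
    finally:
        srv.shutdown()
        srv.server_close()
    return statuses, list(CLICKS)


if __name__ == "__main__":
    print(demo())
```

Only the token-bearing, non-browser request records a click; the anonymous POST that the README's curl one-liner would send is rejected with 401, and a page-initiated request is rejected even when it somehow carries the token. The same two checks can be added to the Hammerspoon `hs.httpserver` handler; the remaining fix the findings call for is to not load the server at all when the skill is not in use.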

VirusTotal

64/64 vendors flagged this skill as clean. A clean antivirus verdict only means no engine matched a known-malware signature; it says nothing about the capabilities the findings above describe (screen capture, UI control, an unauthenticated click endpoint), which are abusable by design rather than malicious by signature.

View on VirusTotal