Find My iCloud CLI

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly transparent about using iCloud Find My, but it handles very sensitive location data and has an unsafe local state-file design that needs review before use.

Install only if you explicitly want an agent to access iCloud Find My data for your own and family-shared devices. Verify the local `icloud`/pyicloud CLI before entering Apple credentials, keep the state directory private, and avoid using this skill until the username file is parsed as data instead of sourced as shell code.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 94%
Finding:
The skill clearly performs file reads/writes and shell execution but declares no permissions, which undermines any permission-based review or user consent model. Because it can persist identifiers and invoke local commands that access sensitive Find My data, the missing declaration hides meaningful capability and privacy risk from operators.

Missing User Warnings

Medium
Confidence: 91%
Finding:
The skill is designed to store a persistent Apple ID username and retrieve precise device and family-member location data, yet it provides no explicit privacy notice, retention guidance, or consent language. In this context, the data is highly sensitive because it can reveal real-time whereabouts, family relationships, and device ownership, so silent persistence and reuse materially increase privacy and misuse risk.

Missing User Warnings

Medium
Confidence: 85%
Finding:
The script triggers live location lookup for devices and family-shared devices without any in-file consent prompt, warning, or disclosure at execution time. In a skill explicitly designed to locate people/devices, this increases privacy risk because a caller may invoke sensitive tracking behavior without clear user awareness or confirmation.

VirusTotal

66/66 vendors flagged this skill as clean.