ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

macOS

v1.0.0

macOS system administration, command-line differences from Linux, and automation best practices.

2· 2.5k·24 current·24 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description align with the content: SKILL.md provides macOS-specific command-line tips, Homebrew paths, Keychain, launchd, TCC, SIP, file ops, logs, and automation—everything requested is consistent with macOS administration.
Instruction Scope
Instructions stay within macOS admin scope, but include sensitive operations (reading the TCC DB via sqlite3, Keychain add/find/delete, sudo pmset, csrutil disable instructions, launchctl load/unload, tccutil reset). These are legitimate for an admin guide but can affect privacy/security or system stability; they should only be executed with explicit user consent and appropriate privileges.
Install Mechanism
No install spec and no code files — instruction-only skill. Nothing will be written to disk by an installer during install, minimizing installation risk.
Credentials
Skill declares no environment variables, no credentials, and no config paths. It does reference macOS system paths and commands appropriately for the stated purpose; no disproportionate credential requests.
Persistence & Privilege
always:false and no requested persistence. The skill does not request elevated persistent privileges or modify other skills or system-wide agent settings.
Assessment
This skill is a coherent macOS admin guide and appears benign, but it contains commands that read or change sensitive system state (Keychain operations, reading the TCC DB, resetting privacy permissions, altering power settings, and instructions mentioning disabling SIP). Before installing or letting an agent run these instructions: 1) review each command and only run ones you understand; 2) never run copied sudo commands without knowing the effect; 3) expect Keychain and TCC operations to prompt macOS permissions and potentially expose secrets if misused; 4) back up important data/configuration before making system changes; and 5) consider requiring explicit user confirmation before the agent executes any command that requires elevated privileges or could be disruptive.

Like a lobster shell, security has layers — review code before you run it.

latestvk970e3afecc0nspd1kc4sfkc0x80wmjp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments