ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Native Automation

Apple Native Automation & Testing Skill

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 39 · 0 current installs · 0 all-time installs
by@soponcd
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill advertises Apple/XCTest/XCUITest usage but declares no required OS, binaries, or tools. In practice this requires macOS, Xcode (xcodebuild/xcrun), simulators/devices, and signing/provisioning setup—none of which are declared. The lack of an OS restriction or required binaries is disproportionate to the claimed purpose.
!
Instruction Scope
SKILL.md tells the agent to always run a wrapper script at ./tools/run_native_tests.sh but that script is not included. Instructing execution of an unspecified local script grants broad discretion and could execute arbitrary commands. The rest of the instructions (test patterns, reset flags) are reasonable for native testing, but the anonymous wrapper script and missing guidance on handling signing/profiles are scope creep.
Install Mechanism
Instruction-only skill with no install spec or downloaded artifacts, which is low-risk. No installers or external archives are referenced.
!
Credentials
The skill declares no required environment variables or credentials, yet real Apple test workflows commonly need access to developer credentials, code-signing certificates, provisioning profiles, and possibly CI secrets. Omitting these while instructing test execution is an incoherence (either the skill is incomplete or it expects access to system-level credentials implicitly).
Persistence & Privilege
No elevated persistence requested (always:false). The skill doesn't declare changes to other skills or system-wide configs. Autonomous invocation is allowed (platform default) but not combined with other high-risk flags.
What to consider before installing
This SKILL.md describes how to run Apple/XCTest-based tests but omits important operational details. Before installing or using it: 1) Verify this will run only on macOS with Xcode installed (xcodebuild/xcrun) and add an OS restriction if appropriate. 2) Inspect the ./tools/run_native_tests.sh wrapper script (and any other local scripts it calls) before executing—do not run unknown scripts. 3) Expect to need Apple Developer credentials, signing certificates, and provisioning profiles; ensure those secrets are not implicitly exposed. 4) If you plan to let the agent invoke this autonomously, restrict what machines/devices it can access and ensure CI credentials are scoped/minimized. If the skill owner can provide the wrapper script contents and a clearer list of required tools/credentials, reassess; without that, proceed cautiously.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk973v6ndbcqbqvfk0dg3gw6sn583k9jv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🤖 Clawdis

SKILL.md

Native Automation Skill

Philosophy: Use Apple's first-party tools (XCTest, XCUITest, Instruments) as the source of truth for quality.

Capabilities

  1. Unit Testing Logic: fast, isolated logic verification.
  2. UI Testing: End-to-end user flow verification.
  3. Snapshot Testing: Visual regression testing.
  4. Performance Testing: XCTMetric verification.
  5. Accessibility Testing: Automated audit via XCUITest.
  6. Hero Flow Verification: Integrated critical path testing (Input -> Process -> Connect).

Usage

1. Execute Tests via Script

Always use the wrapper script to ensure correct scheme and destination settings.

./tools/run_native_tests.sh [mode]

Modes:

  • unit: Run unit tests only (Logic layer).
  • ui: Run UI tests only (Interaction layer).
  • fast: Run unit + critical UI paths.
  • full: Run ALL tests (including performance and snapshots).

2. Writing Tests

  • Unit: Inherit from XCTestCase. Use XCTAssert....
  • UI: Inherit from XCTestCase. Use XCUIApplication.
  • Performance: Use measure(metrics:options:block:).

Best Practices

  • Isolation: Reset state before each UI test (app.launchArguments += ["-reset"]).
  • Accessibility: Use app.buttons["identifier"] over static texts.
  • Concurrency: Use XCTestExpectation for async code.

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…